1 /* -*- Mode: C; tab-width: 4 -*- 2 * 3 * Copyright (c) 2002-2018 Apple Inc. All rights reserved. 4 * 5 * Licensed under the Apache License, Version 2.0 (the "License"); 6 * you may not use this file except in compliance with the License. 7 * You may obtain a copy of the License at 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 */ 17 18 // Set mDNS_InstantiateInlines to tell mDNSEmbeddedAPI.h to instantiate inline functions, if necessary 19 #define mDNS_InstantiateInlines 1 20 #include "DNSCommon.h" 21 #include "CryptoAlg.h" 22 #include "anonymous.h" 23 24 #ifdef UNIT_TEST 25 #include "unittest.h" 26 #endif 27 28 // Disable certain benign warnings with Microsoft compilers 29 #if (defined(_MSC_VER)) 30 // Disable "conditional expression is constant" warning for debug macros. 31 // Otherwise, this generates warnings for the perfectly natural construct "while(1)" 32 // If someone knows a variant way of writing "while(1)" that doesn't generate warning messages, please let us know 33 #pragma warning(disable:4127) 34 // Disable "array is too small to include a terminating null character" warning 35 // -- domain labels have an initial length byte, not a terminating null character 36 #pragma warning(disable:4295) 37 #endif 38 39 // *************************************************************************** 40 #if COMPILER_LIKES_PRAGMA_MARK 41 #pragma mark - Program Constants 42 #endif 43 44 mDNSexport const mDNSInterfaceID mDNSInterface_Any = 0; 45 mDNSexport const mDNSInterfaceID mDNSInterfaceMark = (mDNSInterfaceID)-1; 46 mDNSexport const mDNSInterfaceID mDNSInterface_LocalOnly = (mDNSInterfaceID)-2; 47 mDNSexport const mDNSInterfaceID mDNSInterface_Unicast = (mDNSInterfaceID)-3; 48 mDNSexport const mDNSInterfaceID mDNSInterface_P2P = (mDNSInterfaceID)-4; 49 mDNSexport const mDNSInterfaceID uDNSInterfaceMark = (mDNSInterfaceID)-5; 50 mDNSexport const mDNSInterfaceID mDNSInterface_BLE = (mDNSInterfaceID)-6; 51 52 // Note: Microsoft's proposed "Link Local Multicast Name Resolution Protocol" (LLMNR) is essentially a limited version of 53 // Multicast DNS, using the same packet formats, naming syntax, and record types as Multicast DNS, but on a different UDP 54 // port and multicast address, which means it won't interoperate with the existing installed base of Multicast DNS responders. 55 // LLMNR uses IPv4 multicast address 224.0.0.252, IPv6 multicast address FF02::0001:0003, and UDP port 5355. 56 // Uncomment the appropriate lines below to build a special Multicast DNS responder for testing interoperability 57 // with Microsoft's LLMNR client code. 58 59 #define DiscardPortAsNumber 9 60 #define SSHPortAsNumber 22 61 #define UnicastDNSPortAsNumber 53 62 #define SSDPPortAsNumber 1900 63 #define IPSECPortAsNumber 4500 64 #define NSIPCPortAsNumber 5030 // Port used for dnsextd to talk to local nameserver bound to loopback 65 #define NATPMPAnnouncementPortAsNumber 5350 66 #define NATPMPPortAsNumber 5351 67 #define DNSEXTPortAsNumber 5352 // Port used for end-to-end DNS operations like LLQ, Updates with Leases, etc. 68 #define MulticastDNSPortAsNumber 5353 69 #define LoopbackIPCPortAsNumber 5354 70 //#define MulticastDNSPortAsNumber 5355 // LLMNR 71 #define PrivateDNSPortAsNumber 5533 72 73 mDNSexport const mDNSIPPort DiscardPort = { { DiscardPortAsNumber >> 8, DiscardPortAsNumber & 0xFF } }; 74 mDNSexport const mDNSIPPort SSHPort = { { SSHPortAsNumber >> 8, SSHPortAsNumber & 0xFF } }; 75 mDNSexport const mDNSIPPort UnicastDNSPort = { { UnicastDNSPortAsNumber >> 8, UnicastDNSPortAsNumber & 0xFF } }; 76 mDNSexport const mDNSIPPort SSDPPort = { { SSDPPortAsNumber >> 8, SSDPPortAsNumber & 0xFF } }; 77 mDNSexport const mDNSIPPort IPSECPort = { { IPSECPortAsNumber >> 8, IPSECPortAsNumber & 0xFF } }; 78 mDNSexport const mDNSIPPort NSIPCPort = { { NSIPCPortAsNumber >> 8, NSIPCPortAsNumber & 0xFF } }; 79 mDNSexport const mDNSIPPort NATPMPAnnouncementPort = { { NATPMPAnnouncementPortAsNumber >> 8, NATPMPAnnouncementPortAsNumber & 0xFF } }; 80 mDNSexport const mDNSIPPort NATPMPPort = { { NATPMPPortAsNumber >> 8, NATPMPPortAsNumber & 0xFF } }; 81 mDNSexport const mDNSIPPort DNSEXTPort = { { DNSEXTPortAsNumber >> 8, DNSEXTPortAsNumber & 0xFF } }; 82 mDNSexport const mDNSIPPort MulticastDNSPort = { { MulticastDNSPortAsNumber >> 8, MulticastDNSPortAsNumber & 0xFF } }; 83 mDNSexport const mDNSIPPort LoopbackIPCPort = { { LoopbackIPCPortAsNumber >> 8, LoopbackIPCPortAsNumber & 0xFF } }; 84 mDNSexport const mDNSIPPort PrivateDNSPort = { { PrivateDNSPortAsNumber >> 8, PrivateDNSPortAsNumber & 0xFF } }; 85 86 mDNSexport const OwnerOptData zeroOwner = { 0, 0, { { 0 } }, { { 0 } }, { { 0 } } }; 87 88 mDNSexport const mDNSIPPort zeroIPPort = { { 0 } }; 89 mDNSexport const mDNSv4Addr zerov4Addr = { { 0 } }; 90 mDNSexport const mDNSv6Addr zerov6Addr = { { 0 } }; 91 mDNSexport const mDNSEthAddr zeroEthAddr = { { 0 } }; 92 mDNSexport const mDNSv4Addr onesIPv4Addr = { { 255, 255, 255, 255 } }; 93 mDNSexport const mDNSv6Addr onesIPv6Addr = { { 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255, 255 } }; 94 mDNSexport const mDNSEthAddr onesEthAddr = { { 255, 255, 255, 255, 255, 255 } }; 95 mDNSexport const mDNSAddr zeroAddr = { mDNSAddrType_None, {{{ 0 }}} }; 96 97 mDNSexport const mDNSv4Addr AllDNSAdminGroup = { { 239, 255, 255, 251 } }; 98 mDNSexport const mDNSv4Addr AllHosts_v4 = { { 224, 0, 0, 1 } }; // For NAT-PMP & PCP Annoucements 99 mDNSexport const mDNSv6Addr AllHosts_v6 = { { 0xFF,0x02,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x01 } }; 100 mDNSexport const mDNSv6Addr NDP_prefix = { { 0xFF,0x02,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x01, 0xFF,0x00,0x00,0xFB } }; // FF02:0:0:0:0:1:FF00::/104 101 mDNSexport const mDNSEthAddr AllHosts_v6_Eth = { { 0x33, 0x33, 0x00, 0x00, 0x00, 0x01 } }; 102 mDNSexport const mDNSAddr AllDNSLinkGroup_v4 = { mDNSAddrType_IPv4, { { { 224, 0, 0, 251 } } } }; 103 //mDNSexport const mDNSAddr AllDNSLinkGroup_v4 = { mDNSAddrType_IPv4, { { { 224, 0, 0, 252 } } } }; // LLMNR 104 mDNSexport const mDNSAddr AllDNSLinkGroup_v6 = { mDNSAddrType_IPv6, { { { 0xFF,0x02,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0xFB } } } }; 105 //mDNSexport const mDNSAddr AllDNSLinkGroup_v6 = { mDNSAddrType_IPv6, { { { 0xFF,0x02,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x00,0x00,0x00, 0x00,0x01,0x00,0x03 } } } }; // LLMNR 106 107 mDNSexport const mDNSOpaque16 zeroID = { { 0, 0 } }; 108 mDNSexport const mDNSOpaque16 onesID = { { 255, 255 } }; 109 mDNSexport const mDNSOpaque16 QueryFlags = { { kDNSFlag0_QR_Query | kDNSFlag0_OP_StdQuery, 0 } }; 110 mDNSexport const mDNSOpaque16 uQueryFlags = { { kDNSFlag0_QR_Query | kDNSFlag0_OP_StdQuery | kDNSFlag0_RD, 0 } }; 111 mDNSexport const mDNSOpaque16 DNSSecQFlags = { { kDNSFlag0_QR_Query | kDNSFlag0_OP_StdQuery | kDNSFlag0_RD, kDNSFlag1_CD } }; 112 mDNSexport const mDNSOpaque16 ResponseFlags = { { kDNSFlag0_QR_Response | kDNSFlag0_OP_StdQuery | kDNSFlag0_AA, 0 } }; 113 mDNSexport const mDNSOpaque16 UpdateReqFlags = { { kDNSFlag0_QR_Query | kDNSFlag0_OP_Update, 0 } }; 114 mDNSexport const mDNSOpaque16 UpdateRespFlags = { { kDNSFlag0_QR_Response | kDNSFlag0_OP_Update, 0 } }; 115 mDNSexport const mDNSOpaque16 SubscribeFlags = { { kDNSFlag0_QR_Query | kDNSFlag0_OP_Subscribe, 0 } }; 116 mDNSexport const mDNSOpaque16 UnSubscribeFlags= { { kDNSFlag0_QR_Query | kDNSFlag0_OP_UnSubscribe, 0 } }; 117 118 mDNSexport const mDNSOpaque64 zeroOpaque64 = { { 0 } }; 119 mDNSexport const mDNSOpaque128 zeroOpaque128 = { { 0 } }; 120 121 // *************************************************************************** 122 #if COMPILER_LIKES_PRAGMA_MARK 123 #pragma mark - 124 #pragma mark - General Utility Functions 125 #endif 126 127 // return true for RFC1918 private addresses 128 mDNSexport mDNSBool mDNSv4AddrIsRFC1918(const mDNSv4Addr * const addr) 129 { 130 return ((addr->b[0] == 10) || // 10/8 prefix 131 (addr->b[0] == 172 && (addr->b[1] & 0xF0) == 16) || // 172.16/12 132 (addr->b[0] == 192 && addr->b[1] == 168)); // 192.168/16 133 } 134 135 mDNSexport void mDNSAddrMapIPv4toIPv6(mDNSv4Addr* in, mDNSv6Addr* out) 136 { 137 out->l[0] = 0; 138 out->l[1] = 0; 139 out->w[4] = 0; 140 out->w[5] = 0xffff; 141 out->b[12] = in->b[0]; 142 out->b[13] = in->b[1]; 143 out->b[14] = in->b[2]; 144 out->b[15] = in->b[3]; 145 } 146 147 mDNSexport mDNSBool mDNSAddrIPv4FromMappedIPv6(mDNSv6Addr *in, mDNSv4Addr* out) 148 { 149 if (in->l[0] != 0 || in->l[1] != 0 || in->w[4] != 0 || in->w[5] != 0xffff) 150 return mDNSfalse; 151 152 out->NotAnInteger = in->l[3]; 153 return mDNStrue; 154 } 155 156 mDNSexport NetworkInterfaceInfo *GetFirstActiveInterface(NetworkInterfaceInfo *intf) 157 { 158 while (intf && !intf->InterfaceActive) intf = intf->next; 159 return(intf); 160 } 161 162 mDNSexport mDNSInterfaceID GetNextActiveInterfaceID(const NetworkInterfaceInfo *intf) 163 { 164 const NetworkInterfaceInfo *next = GetFirstActiveInterface(intf->next); 165 if (next) return(next->InterfaceID);else return(mDNSNULL); 166 } 167 168 mDNSexport mDNSu32 NumCacheRecordsForInterfaceID(const mDNS *const m, mDNSInterfaceID id) 169 { 170 mDNSu32 slot, used = 0; 171 CacheGroup *cg; 172 const CacheRecord *rr; 173 FORALL_CACHERECORDS(slot, cg, rr) 174 { 175 if (rr->resrec.InterfaceID == id) 176 used++; 177 } 178 return(used); 179 } 180 181 mDNSexport char *DNSTypeName(mDNSu16 rrtype) 182 { 183 switch (rrtype) 184 { 185 case kDNSType_A: return("Addr"); 186 case kDNSType_NS: return("NS"); 187 case kDNSType_CNAME: return("CNAME"); 188 case kDNSType_SOA: return("SOA"); 189 case kDNSType_NULL: return("NULL"); 190 case kDNSType_PTR: return("PTR"); 191 case kDNSType_HINFO: return("HINFO"); 192 case kDNSType_TXT: return("TXT"); 193 case kDNSType_AAAA: return("AAAA"); 194 case kDNSType_SRV: return("SRV"); 195 case kDNSType_OPT: return("OPT"); 196 case kDNSType_NSEC: return("NSEC"); 197 case kDNSType_NSEC3: return("NSEC3"); 198 case kDNSType_NSEC3PARAM: return("NSEC3PARAM"); 199 case kDNSType_TSIG: return("TSIG"); 200 case kDNSType_RRSIG: return("RRSIG"); 201 case kDNSType_DNSKEY: return("DNSKEY"); 202 case kDNSType_DS: return("DS"); 203 case kDNSQType_ANY: return("ANY"); 204 default: { 205 static char buffer[16]; 206 mDNS_snprintf(buffer, sizeof(buffer), "TYPE%d", rrtype); 207 return(buffer); 208 } 209 } 210 } 211 212 mDNSlocal char *DNSSECAlgName(mDNSu8 alg) 213 { 214 switch (alg) 215 { 216 case CRYPTO_RSA_SHA1: return "RSA_SHA1"; 217 case CRYPTO_DSA_NSEC3_SHA1: return "DSA_NSEC3_SHA1"; 218 case CRYPTO_RSA_NSEC3_SHA1: return "RSA_NSEC3_SHA1"; 219 case CRYPTO_RSA_SHA256: return "RSA_SHA256"; 220 case CRYPTO_RSA_SHA512: return "RSA_SHA512"; 221 default: { 222 static char algbuffer[16]; 223 mDNS_snprintf(algbuffer, sizeof(algbuffer), "ALG%d", alg); 224 return(algbuffer); 225 } 226 } 227 } 228 229 mDNSlocal char *DNSSECDigestName(mDNSu8 digest) 230 { 231 switch (digest) 232 { 233 case SHA1_DIGEST_TYPE: return "SHA1"; 234 case SHA256_DIGEST_TYPE: return "SHA256"; 235 default: 236 { 237 static char digbuffer[16]; 238 mDNS_snprintf(digbuffer, sizeof(digbuffer), "DIG%d", digest); 239 return(digbuffer); 240 } 241 } 242 } 243 244 mDNSexport mDNSu32 swap32(mDNSu32 x) 245 { 246 mDNSu8 *ptr = (mDNSu8 *)&x; 247 return (mDNSu32)((mDNSu32)ptr[0] << 24 | (mDNSu32)ptr[1] << 16 | (mDNSu32)ptr[2] << 8 | ptr[3]); 248 } 249 250 mDNSexport mDNSu16 swap16(mDNSu16 x) 251 { 252 mDNSu8 *ptr = (mDNSu8 *)&x; 253 return (mDNSu16)((mDNSu16)ptr[0] << 8 | ptr[1]); 254 } 255 256 // RFC 4034 Appendix B: Get the keyid of a DNS KEY. It is not transmitted 257 // explicitly on the wire. 258 // 259 // Note: This just helps narrow down the list of keys to look at. It is possible 260 // for two DNS keys to have the same ID i.e., key ID is not a unqiue tag. We ignore 261 // MD5 keys. 262 // 263 // 1st argument - the RDATA part of the DNSKEY RR 264 // 2nd argument - the RDLENGTH 265 // 266 mDNSlocal mDNSu32 keytag(mDNSu8 *key, mDNSu32 keysize) 267 { 268 unsigned long ac; 269 unsigned int i; 270 271 for (ac = 0, i = 0; i < keysize; ++i) 272 ac += (i & 1) ? key[i] : key[i] << 8; 273 ac += (ac >> 16) & 0xFFFF; 274 return ac & 0xFFFF; 275 } 276 277 mDNSexport int baseEncode(char *buffer, int blen, const mDNSu8 *data, int len, int encAlg) 278 { 279 AlgContext *ctx; 280 mDNSu8 *outputBuffer; 281 int length; 282 283 ctx = AlgCreate(ENC_ALG, encAlg); 284 if (!ctx) 285 { 286 LogMsg("baseEncode: AlgCreate failed\n"); 287 return 0; 288 } 289 AlgAdd(ctx, data, len); 290 outputBuffer = AlgEncode(ctx); 291 length = 0; 292 if (outputBuffer) 293 { 294 // Note: don't include any spaces in the format string below. This 295 // is also used by NSEC3 code for proving non-existence where it 296 // needs the base32 encoding without any spaces etc. 297 length = mDNS_snprintf(buffer, blen, "%s", outputBuffer); 298 } 299 AlgDestroy(ctx); 300 return length; 301 } 302 303 mDNSlocal void PrintTypeBitmap(const mDNSu8 *bmap, int bitmaplen, char *const buffer, mDNSu32 length) 304 { 305 int win, wlen, type; 306 307 while (bitmaplen > 0) 308 { 309 int i; 310 311 if (bitmaplen < 3) 312 { 313 LogMsg("PrintTypeBitmap: malformed bitmap, bitmaplen %d short", bitmaplen); 314 break; 315 } 316 317 win = *bmap++; 318 wlen = *bmap++; 319 bitmaplen -= 2; 320 if (bitmaplen < wlen || wlen < 1 || wlen > 32) 321 { 322 LogInfo("PrintTypeBitmap: malformed nsec, bitmaplen %d wlen %d", bitmaplen, wlen); 323 break; 324 } 325 if (win < 0 || win >= 256) 326 { 327 LogInfo("PrintTypeBitmap: malformed nsec, bad window win %d", win); 328 break; 329 } 330 type = win * 256; 331 for (i = 0; i < wlen * 8; i++) 332 { 333 if (bmap[i>>3] & (128 >> (i&7))) 334 length += mDNS_snprintf(buffer+length, (MaxMsg - 1) - length, "%s ", DNSTypeName(type + i)); 335 } 336 bmap += wlen; 337 bitmaplen -= wlen; 338 } 339 } 340 341 // Parse the fields beyond the base header. NSEC3 should have been validated. 342 mDNSexport void NSEC3Parse(const ResourceRecord *const rr, mDNSu8 **salt, int *hashLength, mDNSu8 **nxtName, int *bitmaplen, mDNSu8 **bitmap) 343 { 344 const RDataBody2 *const rdb = (RDataBody2 *)rr->rdata->u.data; 345 rdataNSEC3 *nsec3 = (rdataNSEC3 *)rdb->data; 346 mDNSu8 *p = (mDNSu8 *)&nsec3->salt; 347 int hlen; 348 349 if (salt) 350 { 351 if (nsec3->saltLength) 352 *salt = p; 353 else 354 *salt = mDNSNULL; 355 } 356 p += nsec3->saltLength; 357 // p is pointing at hashLength 358 hlen = (int)*p; 359 if (hashLength) 360 *hashLength = hlen; 361 p++; 362 if (nxtName) 363 *nxtName = p; 364 p += hlen; 365 if (bitmaplen) 366 *bitmaplen = rr->rdlength - (int)(p - rdb->data); 367 if (bitmap) 368 *bitmap = p; 369 } 370 371 // Note slight bug: this code uses the rdlength from the ResourceRecord object, to display 372 // the rdata from the RDataBody object. Sometimes this could be the wrong length -- but as 373 // long as this routine is only used for debugging messages, it probably isn't a big problem. 374 mDNSexport char *GetRRDisplayString_rdb(const ResourceRecord *const rr, const RDataBody *const rd1, char *const buffer) 375 { 376 const RDataBody2 *const rd = (RDataBody2 *)rd1; 377 #define RemSpc (MaxMsg-1-length) 378 char *ptr = buffer; 379 mDNSu32 length = mDNS_snprintf(buffer, MaxMsg-1, "%4d %##s %s ", rr->rdlength, rr->name->c, DNSTypeName(rr->rrtype)); 380 if (rr->RecordType == kDNSRecordTypePacketNegative) return(buffer); 381 if (!rr->rdlength && rr->rrtype != kDNSType_OPT) { mDNS_snprintf(buffer+length, RemSpc, "<< ZERO RDATA LENGTH >>"); return(buffer); } 382 383 switch (rr->rrtype) 384 { 385 case kDNSType_A: mDNS_snprintf(buffer+length, RemSpc, "%.4a", &rd->ipv4); break; 386 387 case kDNSType_NS: // Same as PTR 388 case kDNSType_CNAME: // Same as PTR 389 case kDNSType_PTR: mDNS_snprintf(buffer+length, RemSpc, "%##s", rd->name.c); break; 390 391 case kDNSType_SOA: mDNS_snprintf(buffer+length, RemSpc, "%##s %##s %d %d %d %d %d", 392 rd->soa.mname.c, rd->soa.rname.c, 393 rd->soa.serial, rd->soa.refresh, rd->soa.retry, rd->soa.expire, rd->soa.min); 394 break; 395 396 case kDNSType_HINFO: // Display this the same as TXT (show all constituent strings) 397 case kDNSType_TXT: { 398 const mDNSu8 *t = rd->txt.c; 399 while (t < rd->txt.c + rr->rdlength) 400 { 401 length += mDNS_snprintf(buffer+length, RemSpc, "%s%#s", t > rd->txt.c ? "¦" : "", t); 402 t += 1 + t[0]; 403 } 404 } break; 405 406 case kDNSType_AAAA: mDNS_snprintf(buffer+length, RemSpc, "%.16a", &rd->ipv6); break; 407 case kDNSType_SRV: mDNS_snprintf(buffer+length, RemSpc, "%u %u %u %##s", 408 rd->srv.priority, rd->srv.weight, mDNSVal16(rd->srv.port), rd->srv.target.c); break; 409 410 case kDNSType_OPT: { 411 const rdataOPT *opt; 412 const rdataOPT *const end = (const rdataOPT *)&rd->data[rr->rdlength]; 413 length += mDNS_snprintf(buffer+length, RemSpc, "Max %d", rr->rrclass); 414 for (opt = &rd->opt[0]; opt < end; opt++) 415 { 416 switch(opt->opt) 417 { 418 case kDNSOpt_LLQ: 419 length += mDNS_snprintf(buffer+length, RemSpc, " LLQ"); 420 length += mDNS_snprintf(buffer+length, RemSpc, " Vers %d", opt->u.llq.vers); 421 length += mDNS_snprintf(buffer+length, RemSpc, " Op %d", opt->u.llq.llqOp); 422 length += mDNS_snprintf(buffer+length, RemSpc, " Err/Port %d", opt->u.llq.err); 423 length += mDNS_snprintf(buffer+length, RemSpc, " ID %08X%08X", opt->u.llq.id.l[0], opt->u.llq.id.l[1]); 424 length += mDNS_snprintf(buffer+length, RemSpc, " Lease %d", opt->u.llq.llqlease); 425 break; 426 case kDNSOpt_Lease: 427 length += mDNS_snprintf(buffer+length, RemSpc, " Lease %d", opt->u.updatelease); 428 break; 429 case kDNSOpt_Owner: 430 length += mDNS_snprintf(buffer+length, RemSpc, " Owner"); 431 length += mDNS_snprintf(buffer+length, RemSpc, " Vers %d", opt->u.owner.vers); 432 length += mDNS_snprintf(buffer+length, RemSpc, " Seq %3d", (mDNSu8)opt->u.owner.seq); // Display as unsigned 433 length += mDNS_snprintf(buffer+length, RemSpc, " MAC %.6a", opt->u.owner.HMAC.b); 434 if (opt->optlen >= DNSOpt_OwnerData_ID_Wake_Space-4) 435 { 436 length += mDNS_snprintf(buffer+length, RemSpc, " I-MAC %.6a", opt->u.owner.IMAC.b); 437 if (opt->optlen > DNSOpt_OwnerData_ID_Wake_Space-4) 438 length += mDNS_snprintf(buffer+length, RemSpc, " Password %.6a", opt->u.owner.password.b); 439 } 440 break; 441 case kDNSOpt_Trace: 442 length += mDNS_snprintf(buffer+length, RemSpc, " Trace"); 443 length += mDNS_snprintf(buffer+length, RemSpc, " Platform %d", opt->u.tracer.platf); 444 length += mDNS_snprintf(buffer+length, RemSpc, " mDNSVers %d", opt->u.tracer.mDNSv); 445 break; 446 default: 447 length += mDNS_snprintf(buffer+length, RemSpc, " Unknown %d", opt->opt); 448 break; 449 } 450 } 451 } 452 break; 453 454 case kDNSType_NSEC: { 455 domainname *next = (domainname *)rd->data; 456 int len, bitmaplen; 457 mDNSu8 *bmap; 458 len = DomainNameLength(next); 459 bitmaplen = rr->rdlength - len; 460 bmap = (mDNSu8 *)((mDNSu8 *)next + len); 461 462 if (UNICAST_NSEC(rr)) 463 length += mDNS_snprintf(buffer+length, RemSpc, "%##s ", next->c); 464 PrintTypeBitmap(bmap, bitmaplen, buffer, length); 465 466 } 467 break; 468 case kDNSType_NSEC3: { 469 rdataNSEC3 *nsec3 = (rdataNSEC3 *)rd->data; 470 const mDNSu8 *p = (mDNSu8 *)&nsec3->salt; 471 int hashLength, bitmaplen, i; 472 473 length += mDNS_snprintf(buffer+length, RemSpc, "\t%s %d %d ", 474 DNSSECDigestName(nsec3->alg), nsec3->flags, swap16(nsec3->iterations)); 475 476 if (!nsec3->saltLength) 477 { 478 length += mDNS_snprintf(buffer+length, RemSpc, "-"); 479 } 480 else 481 { 482 for (i = 0; i < nsec3->saltLength; i++) 483 { 484 length += mDNS_snprintf(buffer+length, RemSpc, "%x", p[i]); 485 } 486 } 487 488 // put a space at the end 489 length += mDNS_snprintf(buffer+length, RemSpc, " "); 490 491 p += nsec3->saltLength; 492 // p is pointing at hashLength 493 hashLength = (int)*p++; 494 495 length += baseEncode(buffer + length, RemSpc, p, hashLength, ENC_BASE32); 496 497 // put a space at the end 498 length += mDNS_snprintf(buffer+length, RemSpc, " "); 499 500 p += hashLength; 501 bitmaplen = rr->rdlength - (int)(p - rd->data); 502 PrintTypeBitmap(p, bitmaplen, buffer, length); 503 } 504 break; 505 case kDNSType_RRSIG: { 506 rdataRRSig *rrsig = (rdataRRSig *)rd->data; 507 mDNSu8 expTimeBuf[64]; 508 mDNSu8 inceptTimeBuf[64]; 509 unsigned long inceptClock; 510 unsigned long expClock; 511 int len; 512 513 expClock = (unsigned long)swap32(rrsig->sigExpireTime); 514 mDNSPlatformFormatTime(expClock, expTimeBuf, sizeof(expTimeBuf)); 515 516 inceptClock = (unsigned long)swap32(rrsig->sigInceptTime); 517 mDNSPlatformFormatTime(inceptClock, inceptTimeBuf, sizeof(inceptTimeBuf)); 518 519 length += mDNS_snprintf(buffer+length, RemSpc, "\t%s %s %d %d %s %s %d %##s ", 520 DNSTypeName(swap16(rrsig->typeCovered)), DNSSECAlgName(rrsig->alg), rrsig->labels, swap32(rrsig->origTTL), 521 expTimeBuf, inceptTimeBuf, swap16(rrsig->keyTag), rrsig->signerName); 522 523 len = DomainNameLength((domainname *)&rrsig->signerName); 524 baseEncode(buffer + length, RemSpc, (const mDNSu8 *)(rd->data + len + RRSIG_FIXED_SIZE), 525 rr->rdlength - (len + RRSIG_FIXED_SIZE), ENC_BASE64); 526 } 527 break; 528 case kDNSType_DNSKEY: { 529 rdataDNSKey *rrkey = (rdataDNSKey *)rd->data; 530 length += mDNS_snprintf(buffer+length, RemSpc, "\t%d %d %s %u ", swap16(rrkey->flags), rrkey->proto, 531 DNSSECAlgName(rrkey->alg), (unsigned int)keytag((mDNSu8 *)rrkey, rr->rdlength)); 532 baseEncode(buffer + length, RemSpc, (const mDNSu8 *)(rd->data + DNSKEY_FIXED_SIZE), 533 rr->rdlength - DNSKEY_FIXED_SIZE, ENC_BASE64); 534 } 535 break; 536 case kDNSType_DS: { 537 mDNSu8 *p; 538 int i; 539 rdataDS *rrds = (rdataDS *)rd->data; 540 541 length += mDNS_snprintf(buffer+length, RemSpc, "\t%s\t%d\t%s ", DNSSECAlgName(rrds->alg), swap16(rrds->keyTag), 542 DNSSECDigestName(rrds->digestType)); 543 544 p = (mDNSu8 *)(rd->data + DS_FIXED_SIZE); 545 for (i = 0; i < (rr->rdlength - DS_FIXED_SIZE); i++) 546 { 547 length += mDNS_snprintf(buffer+length, RemSpc, "%x", p[i]); 548 } 549 } 550 break; 551 552 default: mDNS_snprintf(buffer+length, RemSpc, "RDLen %d: %.*s", rr->rdlength, rr->rdlength, rd->data); 553 // Really should scan buffer to check if text is valid UTF-8 and only replace with dots if not 554 for (ptr = buffer; *ptr; ptr++) if (*ptr < ' ') *ptr = '.'; 555 break; 556 } 557 return(buffer); 558 } 559 560 // See comments in mDNSEmbeddedAPI.h 561 #if _PLATFORM_HAS_STRONG_PRNG_ 562 #define mDNSRandomNumber mDNSPlatformRandomNumber 563 #else 564 mDNSlocal mDNSu32 mDNSRandomFromSeed(mDNSu32 seed) 565 { 566 return seed * 21 + 1; 567 } 568 569 mDNSlocal mDNSu32 mDNSMixRandomSeed(mDNSu32 seed, mDNSu8 iteration) 570 { 571 return iteration ? mDNSMixRandomSeed(mDNSRandomFromSeed(seed), --iteration) : seed; 572 } 573 574 mDNSlocal mDNSu32 mDNSRandomNumber() 575 { 576 static mDNSBool seeded = mDNSfalse; 577 static mDNSu32 seed = 0; 578 if (!seeded) 579 { 580 seed = mDNSMixRandomSeed(mDNSPlatformRandomSeed(), 100); 581 seeded = mDNStrue; 582 } 583 return (seed = mDNSRandomFromSeed(seed)); 584 } 585 #endif // ! _PLATFORM_HAS_STRONG_PRNG_ 586 587 mDNSexport mDNSu32 mDNSRandom(mDNSu32 max) // Returns pseudo-random result from zero to max inclusive 588 { 589 mDNSu32 ret = 0; 590 mDNSu32 mask = 1; 591 592 while (mask < max) mask = (mask << 1) | 1; 593 594 do ret = mDNSRandomNumber() & mask; 595 while (ret > max); 596 597 return ret; 598 } 599 600 mDNSexport mDNSBool mDNSSameAddress(const mDNSAddr *ip1, const mDNSAddr *ip2) 601 { 602 if (ip1->type == ip2->type) 603 { 604 switch (ip1->type) 605 { 606 case mDNSAddrType_None: return(mDNStrue); // Empty addresses have no data and are therefore always equal 607 case mDNSAddrType_IPv4: return (mDNSBool)(mDNSSameIPv4Address(ip1->ip.v4, ip2->ip.v4)); 608 case mDNSAddrType_IPv6: return (mDNSBool)(mDNSSameIPv6Address(ip1->ip.v6, ip2->ip.v6)); 609 } 610 } 611 return(mDNSfalse); 612 } 613 614 mDNSexport mDNSBool mDNSAddrIsDNSMulticast(const mDNSAddr *ip) 615 { 616 switch(ip->type) 617 { 618 case mDNSAddrType_IPv4: return (mDNSBool)(mDNSSameIPv4Address(ip->ip.v4, AllDNSLinkGroup_v4.ip.v4)); 619 case mDNSAddrType_IPv6: return (mDNSBool)(mDNSSameIPv6Address(ip->ip.v6, AllDNSLinkGroup_v6.ip.v6)); 620 default: return(mDNSfalse); 621 } 622 } 623 624 // *************************************************************************** 625 #if COMPILER_LIKES_PRAGMA_MARK 626 #pragma mark - 627 #pragma mark - Domain Name Utility Functions 628 #endif 629 630 #if !APPLE_OSX_mDNSResponder 631 632 mDNSexport mDNSBool SameDomainLabel(const mDNSu8 *a, const mDNSu8 *b) 633 { 634 int i; 635 const int len = *a++; 636 637 if (len > MAX_DOMAIN_LABEL) 638 { debugf("Malformed label (too long)"); return(mDNSfalse); } 639 640 if (len != *b++) return(mDNSfalse); 641 for (i=0; i<len; i++) 642 { 643 mDNSu8 ac = *a++; 644 mDNSu8 bc = *b++; 645 if (mDNSIsUpperCase(ac)) ac += 'a' - 'A'; 646 if (mDNSIsUpperCase(bc)) bc += 'a' - 'A'; 647 if (ac != bc) return(mDNSfalse); 648 } 649 return(mDNStrue); 650 } 651 652 #endif // !APPLE_OSX_mDNSResponder 653 654 mDNSexport mDNSBool SameDomainName(const domainname *const d1, const domainname *const d2) 655 { 656 const mDNSu8 * a = d1->c; 657 const mDNSu8 * b = d2->c; 658 const mDNSu8 *const max = d1->c + MAX_DOMAIN_NAME; // Maximum that's valid 659 660 while (*a || *b) 661 { 662 if (a + 1 + *a >= max) 663 { debugf("Malformed domain name (more than 256 characters)"); return(mDNSfalse); } 664 if (!SameDomainLabel(a, b)) return(mDNSfalse); 665 a += 1 + *a; 666 b += 1 + *b; 667 } 668 669 return(mDNStrue); 670 } 671 672 mDNSexport mDNSBool SameDomainNameCS(const domainname *const d1, const domainname *const d2) 673 { 674 mDNSu16 l1 = DomainNameLength(d1); 675 mDNSu16 l2 = DomainNameLength(d2); 676 return(l1 <= MAX_DOMAIN_NAME && l1 == l2 && mDNSPlatformMemSame(d1, d2, l1)); 677 } 678 679 mDNSexport mDNSBool IsLocalDomain(const domainname *d) 680 { 681 // Domains that are defined to be resolved via link-local multicast are: 682 // local., 254.169.in-addr.arpa., and {8,9,A,B}.E.F.ip6.arpa. 683 static const domainname *nL = (const domainname*)"\x5" "local"; 684 static const domainname *nR = (const domainname*)"\x3" "254" "\x3" "169" "\x7" "in-addr" "\x4" "arpa"; 685 static const domainname *n8 = (const domainname*)"\x1" "8" "\x1" "e" "\x1" "f" "\x3" "ip6" "\x4" "arpa"; 686 static const domainname *n9 = (const domainname*)"\x1" "9" "\x1" "e" "\x1" "f" "\x3" "ip6" "\x4" "arpa"; 687 static const domainname *nA = (const domainname*)"\x1" "a" "\x1" "e" "\x1" "f" "\x3" "ip6" "\x4" "arpa"; 688 static const domainname *nB = (const domainname*)"\x1" "b" "\x1" "e" "\x1" "f" "\x3" "ip6" "\x4" "arpa"; 689 690 const domainname *d1, *d2, *d3, *d4, *d5; // Top-level domain, second-level domain, etc. 691 d1 = d2 = d3 = d4 = d5 = mDNSNULL; 692 while (d->c[0]) 693 { 694 d5 = d4; d4 = d3; d3 = d2; d2 = d1; d1 = d; 695 d = (const domainname*)(d->c + 1 + d->c[0]); 696 } 697 698 if (d1 && SameDomainName(d1, nL)) return(mDNStrue); 699 if (d4 && SameDomainName(d4, nR)) return(mDNStrue); 700 if (d5 && SameDomainName(d5, n8)) return(mDNStrue); 701 if (d5 && SameDomainName(d5, n9)) return(mDNStrue); 702 if (d5 && SameDomainName(d5, nA)) return(mDNStrue); 703 if (d5 && SameDomainName(d5, nB)) return(mDNStrue); 704 return(mDNSfalse); 705 } 706 707 mDNSexport const mDNSu8 *LastLabel(const domainname *d) 708 { 709 const mDNSu8 *p = d->c; 710 while (d->c[0]) 711 { 712 p = d->c; 713 d = (const domainname*)(d->c + 1 + d->c[0]); 714 } 715 return(p); 716 } 717 718 // Returns length of a domain name INCLUDING the byte for the final null label 719 // e.g. for the root label "." it returns one 720 // For the FQDN "com." it returns 5 (length byte, three data bytes, final zero) 721 // Legal results are 1 (just root label) to 256 (MAX_DOMAIN_NAME) 722 // If the given domainname is invalid, result is 257 (MAX_DOMAIN_NAME+1) 723 mDNSexport mDNSu16 DomainNameLengthLimit(const domainname *const name, const mDNSu8 *limit) 724 { 725 const mDNSu8 *src = name->c; 726 while (src < limit && *src <= MAX_DOMAIN_LABEL) 727 { 728 if (*src == 0) return((mDNSu16)(src - name->c + 1)); 729 src += 1 + *src; 730 } 731 return(MAX_DOMAIN_NAME+1); 732 } 733 734 // CompressedDomainNameLength returns the length of a domain name INCLUDING the byte 735 // for the final null label, e.g. for the root label "." it returns one. 736 // E.g. for the FQDN "foo.com." it returns 9 737 // (length, three data bytes, length, three more data bytes, final zero). 738 // In the case where a parent domain name is provided, and the given name is a child 739 // of that parent, CompressedDomainNameLength returns the length of the prefix portion 740 // of the child name, plus TWO bytes for the compression pointer. 741 // E.g. for the name "foo.com." with parent "com.", it returns 6 742 // (length, three data bytes, two-byte compression pointer). 743 mDNSexport mDNSu16 CompressedDomainNameLength(const domainname *const name, const domainname *parent) 744 { 745 const mDNSu8 *src = name->c; 746 if (parent && parent->c[0] == 0) parent = mDNSNULL; 747 while (*src) 748 { 749 if (*src > MAX_DOMAIN_LABEL) return(MAX_DOMAIN_NAME+1); 750 if (parent && SameDomainName((const domainname *)src, parent)) return((mDNSu16)(src - name->c + 2)); 751 src += 1 + *src; 752 if (src - name->c >= MAX_DOMAIN_NAME) return(MAX_DOMAIN_NAME+1); 753 } 754 return((mDNSu16)(src - name->c + 1)); 755 } 756 757 // CountLabels() returns number of labels in name, excluding final root label 758 // (e.g. for "apple.com." CountLabels returns 2.) 759 mDNSexport int CountLabels(const domainname *d) 760 { 761 int count = 0; 762 const mDNSu8 *ptr; 763 for (ptr = d->c; *ptr; ptr = ptr + ptr[0] + 1) count++; 764 return count; 765 } 766 767 // SkipLeadingLabels skips over the first 'skip' labels in the domainname, 768 // returning a pointer to the suffix with 'skip' labels removed. 769 mDNSexport const domainname *SkipLeadingLabels(const domainname *d, int skip) 770 { 771 while (skip > 0 && d->c[0]) { d = (const domainname *)(d->c + 1 + d->c[0]); skip--; } 772 return(d); 773 } 774 775 // AppendLiteralLabelString appends a single label to an existing (possibly empty) domainname. 776 // The C string contains the label as-is, with no escaping, etc. 777 // Any dots in the name are literal dots, not label separators 778 // If successful, AppendLiteralLabelString returns a pointer to the next unused byte 779 // in the domainname bufer (i.e. the next byte after the terminating zero). 780 // If unable to construct a legal domain name (i.e. label more than 63 bytes, or total more than 256 bytes) 781 // AppendLiteralLabelString returns mDNSNULL. 782 mDNSexport mDNSu8 *AppendLiteralLabelString(domainname *const name, const char *cstr) 783 { 784 mDNSu8 * ptr = name->c + DomainNameLength(name) - 1; // Find end of current name 785 const mDNSu8 *const lim1 = name->c + MAX_DOMAIN_NAME - 1; // Limit of how much we can add (not counting final zero) 786 const mDNSu8 *const lim2 = ptr + 1 + MAX_DOMAIN_LABEL; 787 const mDNSu8 *const lim = (lim1 < lim2) ? lim1 : lim2; 788 mDNSu8 *lengthbyte = ptr++; // Record where the length is going to go 789 790 while (*cstr && ptr < lim) *ptr++ = (mDNSu8)*cstr++; // Copy the data 791 *lengthbyte = (mDNSu8)(ptr - lengthbyte - 1); // Fill in the length byte 792 *ptr++ = 0; // Put the null root label on the end 793 if (*cstr) return(mDNSNULL); // Failure: We didn't successfully consume all input 794 else return(ptr); // Success: return new value of ptr 795 } 796 797 // AppendDNSNameString appends zero or more labels to an existing (possibly empty) domainname. 798 // The C string is in conventional DNS syntax: 799 // Textual labels, escaped as necessary using the usual DNS '\' notation, separated by dots. 800 // If successful, AppendDNSNameString returns a pointer to the next unused byte 801 // in the domainname bufer (i.e. the next byte after the terminating zero). 802 // If unable to construct a legal domain name (i.e. label more than 63 bytes, or total more than 256 bytes) 803 // AppendDNSNameString returns mDNSNULL. 804 mDNSexport mDNSu8 *AppendDNSNameString(domainname *const name, const char *cstring) 805 { 806 const char *cstr = cstring; 807 mDNSu8 * ptr = name->c + DomainNameLength(name) - 1; // Find end of current name 808 const mDNSu8 *const lim = name->c + MAX_DOMAIN_NAME - 1; // Limit of how much we can add (not counting final zero) 809 while (*cstr && ptr < lim) // While more characters, and space to put them... 810 { 811 mDNSu8 *lengthbyte = ptr++; // Record where the length is going to go 812 if (*cstr == '.') { LogMsg("AppendDNSNameString: Illegal empty label in name \"%s\"", cstring); return(mDNSNULL); } 813 while (*cstr && *cstr != '.' && ptr < lim) // While we have characters in the label... 814 { 815 mDNSu8 c = (mDNSu8)*cstr++; // Read the character 816 if (c == '\\') // If escape character, check next character 817 { 818 if (*cstr == '\0') break; // If this is the end of the string, then break 819 c = (mDNSu8)*cstr++; // Assume we'll just take the next character 820 if (mDNSIsDigit(cstr[-1]) && mDNSIsDigit(cstr[0]) && mDNSIsDigit(cstr[1])) 821 { // If three decimal digits, 822 int v0 = cstr[-1] - '0'; // then interpret as three-digit decimal 823 int v1 = cstr[ 0] - '0'; 824 int v2 = cstr[ 1] - '0'; 825 int val = v0 * 100 + v1 * 10 + v2; 826 if (val <= 255) { c = (mDNSu8)val; cstr += 2; } // If valid three-digit decimal value, use it 827 } 828 } 829 *ptr++ = c; // Write the character 830 } 831 if (*cstr == '.') cstr++; // Skip over the trailing dot (if present) 832 if (ptr - lengthbyte - 1 > MAX_DOMAIN_LABEL) // If illegal label, abort 833 return(mDNSNULL); 834 *lengthbyte = (mDNSu8)(ptr - lengthbyte - 1); // Fill in the length byte 835 } 836 837 *ptr++ = 0; // Put the null root label on the end 838 if (*cstr) return(mDNSNULL); // Failure: We didn't successfully consume all input 839 else return(ptr); // Success: return new value of ptr 840 } 841 842 // AppendDomainLabel appends a single label to a name. 843 // If successful, AppendDomainLabel returns a pointer to the next unused byte 844 // in the domainname bufer (i.e. the next byte after the terminating zero). 845 // If unable to construct a legal domain name (i.e. label more than 63 bytes, or total more than 256 bytes) 846 // AppendDomainLabel returns mDNSNULL. 847 mDNSexport mDNSu8 *AppendDomainLabel(domainname *const name, const domainlabel *const label) 848 { 849 int i; 850 mDNSu8 *ptr = name->c + DomainNameLength(name) - 1; 851 852 // Check label is legal 853 if (label->c[0] > MAX_DOMAIN_LABEL) return(mDNSNULL); 854 855 // Check that ptr + length byte + data bytes + final zero does not exceed our limit 856 if (ptr + 1 + label->c[0] + 1 > name->c + MAX_DOMAIN_NAME) return(mDNSNULL); 857 858 for (i=0; i<=label->c[0]; i++) *ptr++ = label->c[i]; // Copy the label data 859 *ptr++ = 0; // Put the null root label on the end 860 return(ptr); 861 } 862 863 mDNSexport mDNSu8 *AppendDomainName(domainname *const name, const domainname *const append) 864 { 865 mDNSu8 * ptr = name->c + DomainNameLength(name) - 1; // Find end of current name 866 const mDNSu8 *const lim = name->c + MAX_DOMAIN_NAME - 1; // Limit of how much we can add (not counting final zero) 867 const mDNSu8 * src = append->c; 868 while (src[0]) 869 { 870 int i; 871 if (ptr + 1 + src[0] > lim) return(mDNSNULL); 872 for (i=0; i<=src[0]; i++) *ptr++ = src[i]; 873 *ptr = 0; // Put the null root label on the end 874 src += i; 875 } 876 return(ptr); 877 } 878 879 // MakeDomainLabelFromLiteralString makes a single domain label from a single literal C string (with no escaping). 880 // If successful, MakeDomainLabelFromLiteralString returns mDNStrue. 881 // If unable to convert the whole string to a legal domain label (i.e. because length is more than 63 bytes) then 882 // MakeDomainLabelFromLiteralString makes a legal domain label from the first 63 bytes of the string and returns mDNSfalse. 883 // In some cases silently truncated oversized names to 63 bytes is acceptable, so the return result may be ignored. 884 // In other cases silent truncation may not be acceptable, so in those cases the calling function needs to check the return result. 885 mDNSexport mDNSBool MakeDomainLabelFromLiteralString(domainlabel *const label, const char *cstr) 886 { 887 mDNSu8 * ptr = label->c + 1; // Where we're putting it 888 const mDNSu8 *const limit = label->c + 1 + MAX_DOMAIN_LABEL; // The maximum we can put 889 while (*cstr && ptr < limit) *ptr++ = (mDNSu8)*cstr++; // Copy the label 890 label->c[0] = (mDNSu8)(ptr - label->c - 1); // Set the length byte 891 return(*cstr == 0); // Return mDNStrue if we successfully consumed all input 892 } 893 894 // MakeDomainNameFromDNSNameString makes a native DNS-format domainname from a C string. 895 // The C string is in conventional DNS syntax: 896 // Textual labels, escaped as necessary using the usual DNS '\' notation, separated by dots. 897 // If successful, MakeDomainNameFromDNSNameString returns a pointer to the next unused byte 898 // in the domainname bufer (i.e. the next byte after the terminating zero). 899 // If unable to construct a legal domain name (i.e. label more than 63 bytes, or total more than 256 bytes) 900 // MakeDomainNameFromDNSNameString returns mDNSNULL. 901 mDNSexport mDNSu8 *MakeDomainNameFromDNSNameString(domainname *const name, const char *cstr) 902 { 903 name->c[0] = 0; // Make an empty domain name 904 return(AppendDNSNameString(name, cstr)); // And then add this string to it 905 } 906 907 mDNSexport char *ConvertDomainLabelToCString_withescape(const domainlabel *const label, char *ptr, char esc) 908 { 909 const mDNSu8 * src = label->c; // Domain label we're reading 910 const mDNSu8 len = *src++; // Read length of this (non-null) label 911 const mDNSu8 *const end = src + len; // Work out where the label ends 912 if (len > MAX_DOMAIN_LABEL) return(mDNSNULL); // If illegal label, abort 913 while (src < end) // While we have characters in the label 914 { 915 mDNSu8 c = *src++; 916 if (esc) 917 { 918 if (c == '.' || c == esc) // If character is a dot or the escape character 919 *ptr++ = esc; // Output escape character 920 else if (c <= ' ') // If non-printing ascii, 921 { // Output decimal escape sequence 922 *ptr++ = esc; 923 *ptr++ = (char) ('0' + (c / 100) ); 924 *ptr++ = (char) ('0' + (c / 10) % 10); 925 c = (mDNSu8)('0' + (c ) % 10); 926 } 927 } 928 *ptr++ = (char)c; // Copy the character 929 } 930 *ptr = 0; // Null-terminate the string 931 return(ptr); // and return 932 } 933 934 // Note: To guarantee that there will be no possible overrun, cstr must be at least MAX_ESCAPED_DOMAIN_NAME (1009 bytes) 935 mDNSexport char *ConvertDomainNameToCString_withescape(const domainname *const name, char *ptr, char esc) 936 { 937 const mDNSu8 *src = name->c; // Domain name we're reading 938 const mDNSu8 *const max = name->c + MAX_DOMAIN_NAME; // Maximum that's valid 939 940 if (*src == 0) *ptr++ = '.'; // Special case: For root, just write a dot 941 942 while (*src) // While more characters in the domain name 943 { 944 if (src + 1 + *src >= max) return(mDNSNULL); 945 ptr = ConvertDomainLabelToCString_withescape((const domainlabel *)src, ptr, esc); 946 if (!ptr) return(mDNSNULL); 947 src += 1 + *src; 948 *ptr++ = '.'; // Write the dot after the label 949 } 950 951 *ptr++ = 0; // Null-terminate the string 952 return(ptr); // and return 953 } 954 955 // RFC 1034 rules: 956 // Host names must start with a letter, end with a letter or digit, 957 // and have as interior characters only letters, digits, and hyphen. 958 // This was subsequently modified in RFC 1123 to allow the first character to be either a letter or a digit 959 960 mDNSexport void ConvertUTF8PstringToRFC1034HostLabel(const mDNSu8 UTF8Name[], domainlabel *const hostlabel) 961 { 962 const mDNSu8 * src = &UTF8Name[1]; 963 const mDNSu8 *const end = &UTF8Name[1] + UTF8Name[0]; 964 mDNSu8 * ptr = &hostlabel->c[1]; 965 const mDNSu8 *const lim = &hostlabel->c[1] + MAX_DOMAIN_LABEL; 966 while (src < end) 967 { 968 // Delete apostrophes from source name 969 if (src[0] == '\'') { src++; continue; } // Standard straight single quote 970 if (src + 2 < end && src[0] == 0xE2 && src[1] == 0x80 && src[2] == 0x99) 971 { src += 3; continue; } // Unicode curly apostrophe 972 if (ptr < lim) 973 { 974 if (mDNSValidHostChar(*src, (ptr > &hostlabel->c[1]), (src < end-1))) *ptr++ = *src; 975 else if (ptr > &hostlabel->c[1] && ptr[-1] != '-') *ptr++ = '-'; 976 } 977 src++; 978 } 979 while (ptr > &hostlabel->c[1] && ptr[-1] == '-') ptr--; // Truncate trailing '-' marks 980 hostlabel->c[0] = (mDNSu8)(ptr - &hostlabel->c[1]); 981 } 982 983 mDNSexport mDNSu8 *ConstructServiceName(domainname *const fqdn, 984 const domainlabel *name, const domainname *type, const domainname *const domain) 985 { 986 int i, len; 987 mDNSu8 *dst = fqdn->c; 988 const mDNSu8 *src; 989 const char *errormsg; 990 #if APPLE_OSX_mDNSResponder 991 mDNSBool loggedUnderscore = mDNSfalse; 992 static char typeBuf[MAX_ESCAPED_DOMAIN_NAME]; 993 #endif 994 995 // In the case where there is no name (and ONLY in that case), 996 // a single-label subtype is allowed as the first label of a three-part "type" 997 if (!name && type) 998 { 999 const mDNSu8 *s0 = type->c; 1000 if (s0[0] && s0[0] < 0x40) // If legal first label (at least one character, and no more than 63) 1001 { 1002 const mDNSu8 * s1 = s0 + 1 + s0[0]; 1003 if (s1[0] && s1[0] < 0x40) // and legal second label (at least one character, and no more than 63) 1004 { 1005 const mDNSu8 *s2 = s1 + 1 + s1[0]; 1006 if (s2[0] && s2[0] < 0x40 && s2[1+s2[0]] == 0) // and we have three and only three labels 1007 { 1008 static const mDNSu8 SubTypeLabel[5] = mDNSSubTypeLabel; 1009 src = s0; // Copy the first label 1010 len = *src; 1011 for (i=0; i <= len; i++) *dst++ = *src++; 1012 for (i=0; i < (int)sizeof(SubTypeLabel); i++) *dst++ = SubTypeLabel[i]; 1013 type = (const domainname *)s1; 1014 1015 // Special support to enable the DNSServiceBrowse call made by Bonjour Browser 1016 // For these queries, we retract the "._sub" we just added between the subtype and the main type 1017 // Remove after Bonjour Browser is updated to use DNSServiceQueryRecord instead of DNSServiceBrowse 1018 if (SameDomainName((domainname*)s0, (const domainname*)"\x09_services\x07_dns-sd\x04_udp")) 1019 dst -= sizeof(SubTypeLabel); 1020 } 1021 } 1022 } 1023 } 1024 1025 if (name && name->c[0]) 1026 { 1027 src = name->c; // Put the service name into the domain name 1028 len = *src; 1029 if (len >= 0x40) { errormsg = "Service instance name too long"; goto fail; } 1030 for (i=0; i<=len; i++) *dst++ = *src++; 1031 } 1032 else 1033 name = (domainlabel*)""; // Set this up to be non-null, to avoid errors if we have to call LogMsg() below 1034 1035 src = type->c; // Put the service type into the domain name 1036 len = *src; 1037 if (len < 2 || len > 16) 1038 { 1039 LogMsg("Bad service type in %#s.%##s%##s Application protocol name must be underscore plus 1-15 characters. " 1040 "See <http://www.dns-sd.org/ServiceTypes.html>", name->c, type->c, domain->c); 1041 } 1042 if (len < 2 || len >= 0x40 || (len > 16 && !SameDomainName(domain, &localdomain))) return(mDNSNULL); 1043 if (src[1] != '_') { errormsg = "Application protocol name must begin with underscore"; goto fail; } 1044 for (i=2; i<=len; i++) 1045 { 1046 // Letters and digits are allowed anywhere 1047 if (mDNSIsLetter(src[i]) || mDNSIsDigit(src[i])) continue; 1048 // Hyphens are only allowed as interior characters 1049 // Underscores are not supposed to be allowed at all, but for backwards compatibility with some old products we do allow them, 1050 // with the same rule as hyphens 1051 if ((src[i] == '-' || src[i] == '_') && i > 2 && i < len) 1052 { 1053 #if APPLE_OSX_mDNSResponder 1054 if (src[i] == '_' && loggedUnderscore == mDNSfalse) 1055 { 1056 ConvertDomainNameToCString(type, typeBuf); 1057 LogInfo("ConstructServiceName: Service type with non-leading underscore %s", typeBuf); 1058 loggedUnderscore = mDNStrue; 1059 } 1060 #endif 1061 continue; 1062 } 1063 errormsg = "Application protocol name must contain only letters, digits, and hyphens"; 1064 goto fail; 1065 } 1066 for (i=0; i<=len; i++) *dst++ = *src++; 1067 1068 len = *src; 1069 if (!ValidTransportProtocol(src)) { errormsg = "Transport protocol name must be _udp or _tcp"; goto fail; } 1070 for (i=0; i<=len; i++) *dst++ = *src++; 1071 1072 if (*src) { errormsg = "Service type must have only two labels"; goto fail; } 1073 1074 *dst = 0; 1075 if (!domain->c[0]) { errormsg = "Service domain must be non-empty"; goto fail; } 1076 if (SameDomainName(domain, (const domainname*)"\x05" "local" "\x04" "arpa")) 1077 { errormsg = "Illegal domain \"local.arpa.\" Use \"local.\" (or empty string)"; goto fail; } 1078 dst = AppendDomainName(fqdn, domain); 1079 if (!dst) { errormsg = "Service domain too long"; goto fail; } 1080 return(dst); 1081 1082 fail: 1083 LogMsg("ConstructServiceName: %s: %#s.%##s%##s", errormsg, name->c, type->c, domain->c); 1084 return(mDNSNULL); 1085 } 1086 1087 // A service name has the form: instance.application-protocol.transport-protocol.domain 1088 // DeconstructServiceName is currently fairly forgiving: It doesn't try to enforce character 1089 // set or length limits for the protocol names, and the final domain is allowed to be empty. 1090 // However, if the given FQDN doesn't contain at least three labels, 1091 // DeconstructServiceName will reject it and return mDNSfalse. 1092 mDNSexport mDNSBool DeconstructServiceName(const domainname *const fqdn, 1093 domainlabel *const name, domainname *const type, domainname *const domain) 1094 { 1095 int i, len; 1096 const mDNSu8 *src = fqdn->c; 1097 const mDNSu8 *max = fqdn->c + MAX_DOMAIN_NAME; 1098 mDNSu8 *dst; 1099 1100 dst = name->c; // Extract the service name 1101 len = *src; 1102 if (!len) { debugf("DeconstructServiceName: FQDN empty!"); return(mDNSfalse); } 1103 if (len >= 0x40) { debugf("DeconstructServiceName: Instance name too long"); return(mDNSfalse); } 1104 for (i=0; i<=len; i++) *dst++ = *src++; 1105 1106 dst = type->c; // Extract the service type 1107 len = *src; 1108 if (!len) { debugf("DeconstructServiceName: FQDN contains only one label!"); return(mDNSfalse); } 1109 if (len >= 0x40) { debugf("DeconstructServiceName: Application protocol name too long"); return(mDNSfalse); } 1110 if (src[1] != '_') { debugf("DeconstructServiceName: No _ at start of application protocol"); return(mDNSfalse); } 1111 for (i=0; i<=len; i++) *dst++ = *src++; 1112 1113 len = *src; 1114 if (!len) { debugf("DeconstructServiceName: FQDN contains only two labels!"); return(mDNSfalse); } 1115 if (!ValidTransportProtocol(src)) 1116 { debugf("DeconstructServiceName: Transport protocol must be _udp or _tcp"); return(mDNSfalse); } 1117 for (i=0; i<=len; i++) *dst++ = *src++; 1118 *dst++ = 0; // Put terminator on the end of service type 1119 1120 dst = domain->c; // Extract the service domain 1121 while (*src) 1122 { 1123 len = *src; 1124 if (len >= 0x40) 1125 { debugf("DeconstructServiceName: Label in service domain too long"); return(mDNSfalse); } 1126 if (src + 1 + len + 1 >= max) 1127 { debugf("DeconstructServiceName: Total service domain too long"); return(mDNSfalse); } 1128 for (i=0; i<=len; i++) *dst++ = *src++; 1129 } 1130 *dst++ = 0; // Put the null root label on the end 1131 1132 return(mDNStrue); 1133 } 1134 1135 mDNSexport mStatus DNSNameToLowerCase(domainname *d, domainname *result) 1136 { 1137 const mDNSu8 *a = d->c; 1138 mDNSu8 *b = result->c; 1139 const mDNSu8 *const max = d->c + MAX_DOMAIN_NAME; 1140 int i, len; 1141 1142 while (*a) 1143 { 1144 if (a + 1 + *a >= max) 1145 { 1146 LogMsg("DNSNameToLowerCase: ERROR!! Malformed Domain name"); 1147 return mStatus_BadParamErr; 1148 } 1149 len = *a++; 1150 *b++ = len; 1151 for (i = 0; i < len; i++) 1152 { 1153 mDNSu8 ac = *a++; 1154 if (mDNSIsUpperCase(ac)) ac += 'a' - 'A'; 1155 *b++ = ac; 1156 } 1157 } 1158 *b = 0; 1159 1160 return mStatus_NoError; 1161 } 1162 1163 mDNSexport const mDNSu8 *NSEC3HashName(const domainname *name, rdataNSEC3 *nsec3, const mDNSu8 *AnonData, int AnonDataLen, 1164 const mDNSu8 hash[NSEC3_MAX_HASH_LEN], int *dlen) 1165 { 1166 AlgContext *ctx; 1167 unsigned int i; 1168 unsigned int iterations; 1169 domainname lname; 1170 mDNSu8 *p = (mDNSu8 *)&nsec3->salt; 1171 const mDNSu8 *digest; 1172 int digestlen; 1173 mDNSBool first = mDNStrue; 1174 1175 if (DNSNameToLowerCase((domainname *)name, &lname) != mStatus_NoError) 1176 { 1177 LogMsg("NSEC3HashName: ERROR!! DNSNameToLowerCase failed"); 1178 return mDNSNULL; 1179 } 1180 1181 digest = lname.c; 1182 digestlen = DomainNameLength(&lname); 1183 1184 // Note that it is "i <=". The first iteration is for digesting the name and salt. 1185 // The iteration count does not include that. 1186 iterations = swap16(nsec3->iterations); 1187 for (i = 0; i <= iterations; i++) 1188 { 1189 ctx = AlgCreate(DIGEST_ALG, nsec3->alg); 1190 if (!ctx) 1191 { 1192 LogMsg("NSEC3HashName: ERROR!! Cannot allocate context"); 1193 return mDNSNULL; 1194 } 1195 1196 AlgAdd(ctx, digest, digestlen); 1197 if (nsec3->saltLength) 1198 AlgAdd(ctx, p, nsec3->saltLength); 1199 if (AnonDataLen) 1200 AlgAdd(ctx, AnonData, AnonDataLen); 1201 if (first) 1202 { 1203 first = mDNSfalse; 1204 digest = hash; 1205 digestlen = AlgLength(ctx); 1206 } 1207 AlgFinal(ctx, (void *)digest, digestlen); 1208 AlgDestroy(ctx); 1209 } 1210 *dlen = digestlen; 1211 return digest; 1212 } 1213 1214 // Notes on UTF-8: 1215 // 0xxxxxxx represents a 7-bit ASCII value from 0x00 to 0x7F 1216 // 10xxxxxx is a continuation byte of a multi-byte character 1217 // 110xxxxx is the first byte of a 2-byte character (11 effective bits; values 0x 80 - 0x 800-1) 1218 // 1110xxxx is the first byte of a 3-byte character (16 effective bits; values 0x 800 - 0x 10000-1) 1219 // 11110xxx is the first byte of a 4-byte character (21 effective bits; values 0x 10000 - 0x 200000-1) 1220 // 111110xx is the first byte of a 5-byte character (26 effective bits; values 0x 200000 - 0x 4000000-1) 1221 // 1111110x is the first byte of a 6-byte character (31 effective bits; values 0x4000000 - 0x80000000-1) 1222 // 1223 // UTF-16 surrogate pairs are used in UTF-16 to encode values larger than 0xFFFF. 1224 // Although UTF-16 surrogate pairs are not supposed to appear in legal UTF-8, we want to be defensive 1225 // about that too. (See <http://www.unicode.org/faq/utf_bom.html#34>, "What are surrogates?") 1226 // The first of pair is a UTF-16 value in the range 0xD800-0xDBFF (11101101 1010xxxx 10xxxxxx in UTF-8), 1227 // and the second is a UTF-16 value in the range 0xDC00-0xDFFF (11101101 1011xxxx 10xxxxxx in UTF-8). 1228 1229 mDNSexport mDNSu32 TruncateUTF8ToLength(mDNSu8 *string, mDNSu32 length, mDNSu32 max) 1230 { 1231 if (length > max) 1232 { 1233 mDNSu8 c1 = string[max]; // First byte after cut point 1234 mDNSu8 c2 = (max+1 < length) ? string[max+1] : (mDNSu8)0xB0; // Second byte after cut point 1235 length = max; // Trim length down 1236 while (length > 0) 1237 { 1238 // Check if the byte right after the chop point is a UTF-8 continuation byte, 1239 // or if the character right after the chop point is the second of a UTF-16 surrogate pair. 1240 // If so, then we continue to chop more bytes until we get to a legal chop point. 1241 mDNSBool continuation = ((c1 & 0xC0) == 0x80); 1242 mDNSBool secondsurrogate = (c1 == 0xED && (c2 & 0xF0) == 0xB0); 1243 if (!continuation && !secondsurrogate) break; 1244 c2 = c1; 1245 c1 = string[--length]; 1246 } 1247 // Having truncated characters off the end of our string, also cut off any residual white space 1248 while (length > 0 && string[length-1] <= ' ') length--; 1249 } 1250 return(length); 1251 } 1252 1253 // Returns true if a rich text label ends in " (nnn)", or if an RFC 1034 1254 // name ends in "-nnn", where n is some decimal number. 1255 mDNSexport mDNSBool LabelContainsSuffix(const domainlabel *const name, const mDNSBool RichText) 1256 { 1257 mDNSu16 l = name->c[0]; 1258 1259 if (RichText) 1260 { 1261 if (l < 4) return mDNSfalse; // Need at least " (2)" 1262 if (name->c[l--] != ')') return mDNSfalse; // Last char must be ')' 1263 if (!mDNSIsDigit(name->c[l])) return mDNSfalse; // Preceeded by a digit 1264 l--; 1265 while (l > 2 && mDNSIsDigit(name->c[l])) l--; // Strip off digits 1266 return (name->c[l] == '(' && name->c[l - 1] == ' '); 1267 } 1268 else 1269 { 1270 if (l < 2) return mDNSfalse; // Need at least "-2" 1271 if (!mDNSIsDigit(name->c[l])) return mDNSfalse; // Last char must be a digit 1272 l--; 1273 while (l > 2 && mDNSIsDigit(name->c[l])) l--; // Strip off digits 1274 return (name->c[l] == '-'); 1275 } 1276 } 1277 1278 // removes an auto-generated suffix (appended on a name collision) from a label. caller is 1279 // responsible for ensuring that the label does indeed contain a suffix. returns the number 1280 // from the suffix that was removed. 1281 mDNSexport mDNSu32 RemoveLabelSuffix(domainlabel *name, mDNSBool RichText) 1282 { 1283 mDNSu32 val = 0, multiplier = 1; 1284 1285 // Chop closing parentheses from RichText suffix 1286 if (RichText && name->c[0] >= 1 && name->c[name->c[0]] == ')') name->c[0]--; 1287 1288 // Get any existing numerical suffix off the name 1289 while (mDNSIsDigit(name->c[name->c[0]])) 1290 { val += (name->c[name->c[0]] - '0') * multiplier; multiplier *= 10; name->c[0]--; } 1291 1292 // Chop opening parentheses or dash from suffix 1293 if (RichText) 1294 { 1295 if (name->c[0] >= 2 && name->c[name->c[0]] == '(' && name->c[name->c[0]-1] == ' ') name->c[0] -= 2; 1296 } 1297 else 1298 { 1299 if (name->c[0] >= 1 && name->c[name->c[0]] == '-') name->c[0] -= 1; 1300 } 1301 1302 return(val); 1303 } 1304 1305 // appends a numerical suffix to a label, with the number following a whitespace and enclosed 1306 // in parentheses (rich text) or following two consecutive hyphens (RFC 1034 domain label). 1307 mDNSexport void AppendLabelSuffix(domainlabel *const name, mDNSu32 val, const mDNSBool RichText) 1308 { 1309 mDNSu32 divisor = 1, chars = 2; // Shortest possible RFC1034 name suffix is 2 characters ("-2") 1310 if (RichText) chars = 4; // Shortest possible RichText suffix is 4 characters (" (2)") 1311 1312 // Truncate trailing spaces from RichText names 1313 if (RichText) while (name->c[name->c[0]] == ' ') name->c[0]--; 1314 1315 while (divisor < 0xFFFFFFFFUL/10 && val >= divisor * 10) { divisor *= 10; chars++; } 1316 1317 name->c[0] = (mDNSu8) TruncateUTF8ToLength(name->c+1, name->c[0], MAX_DOMAIN_LABEL - chars); 1318 1319 if (RichText) { name->c[++name->c[0]] = ' '; name->c[++name->c[0]] = '('; } 1320 else { name->c[++name->c[0]] = '-'; } 1321 1322 while (divisor) 1323 { 1324 name->c[++name->c[0]] = (mDNSu8)('0' + val / divisor); 1325 val %= divisor; 1326 divisor /= 10; 1327 } 1328 1329 if (RichText) name->c[++name->c[0]] = ')'; 1330 } 1331 1332 mDNSexport void IncrementLabelSuffix(domainlabel *name, mDNSBool RichText) 1333 { 1334 mDNSu32 val = 0; 1335 1336 if (LabelContainsSuffix(name, RichText)) 1337 val = RemoveLabelSuffix(name, RichText); 1338 1339 // If no existing suffix, start by renaming "Foo" as "Foo (2)" or "Foo-2" as appropriate. 1340 // If existing suffix in the range 2-9, increment it. 1341 // If we've had ten conflicts already, there are probably too many hosts trying to use the same name, 1342 // so add a random increment to improve the chances of finding an available name next time. 1343 if (val == 0) val = 2; 1344 else if (val < 10) val++; 1345 else val += 1 + mDNSRandom(99); 1346 1347 AppendLabelSuffix(name, val, RichText); 1348 } 1349 1350 // *************************************************************************** 1351 #if COMPILER_LIKES_PRAGMA_MARK 1352 #pragma mark - 1353 #pragma mark - Resource Record Utility Functions 1354 #endif 1355 1356 // Set up a AuthRecord with sensible default values. 1357 // These defaults may be overwritten with new values before mDNS_Register is called 1358 mDNSexport void mDNS_SetupResourceRecord(AuthRecord *rr, RData *RDataStorage, mDNSInterfaceID InterfaceID, 1359 mDNSu16 rrtype, mDNSu32 ttl, mDNSu8 RecordType, AuthRecType artype, mDNSRecordCallback Callback, void *Context) 1360 { 1361 // 1362 // LocalOnly auth record can be created with LocalOnly InterfaceID or a valid InterfaceID. 1363 // Most of the applications normally create with LocalOnly InterfaceID and we store them as 1364 // such, so that we can deliver the response to questions that specify LocalOnly InterfaceID. 1365 // LocalOnly resource records can also be created with valid InterfaceID which happens today 1366 // when we create LocalOnly records for /etc/hosts. 1367 1368 if (InterfaceID == mDNSInterface_LocalOnly && artype != AuthRecordLocalOnly) 1369 { 1370 LogMsg("mDNS_SetupResourceRecord: ERROR!! Mismatch LocalOnly record InterfaceID %p called with artype %d", InterfaceID, artype); 1371 } 1372 else if (InterfaceID == mDNSInterface_P2P && artype != AuthRecordP2P) 1373 { 1374 LogMsg("mDNS_SetupResourceRecord: ERROR!! Mismatch P2P record InterfaceID %p called with artype %d", InterfaceID, artype); 1375 } 1376 else if (!InterfaceID && (artype == AuthRecordP2P || artype == AuthRecordLocalOnly)) 1377 { 1378 LogMsg("mDNS_SetupResourceRecord: ERROR!! Mismatch InterfaceAny record InterfaceID %p called with artype %d", InterfaceID, artype); 1379 } 1380 1381 // Don't try to store a TTL bigger than we can represent in platform time units 1382 if (ttl > 0x7FFFFFFFUL / mDNSPlatformOneSecond) 1383 ttl = 0x7FFFFFFFUL / mDNSPlatformOneSecond; 1384 else if (ttl == 0) // And Zero TTL is illegal 1385 ttl = DefaultTTLforRRType(rrtype); 1386 1387 // Field Group 1: The actual information pertaining to this resource record 1388 rr->resrec.RecordType = RecordType; 1389 rr->resrec.InterfaceID = InterfaceID; 1390 rr->resrec.name = &rr->namestorage; 1391 rr->resrec.rrtype = rrtype; 1392 rr->resrec.rrclass = kDNSClass_IN; 1393 rr->resrec.rroriginalttl = ttl; 1394 rr->resrec.rDNSServer = mDNSNULL; 1395 rr->resrec.AnonInfo = mDNSNULL; 1396 // rr->resrec.rdlength = MUST set by client and/or in mDNS_Register_internal 1397 // rr->resrec.rdestimate = set in mDNS_Register_internal 1398 // rr->resrec.rdata = MUST be set by client 1399 1400 if (RDataStorage) 1401 rr->resrec.rdata = RDataStorage; 1402 else 1403 { 1404 rr->resrec.rdata = &rr->rdatastorage; 1405 rr->resrec.rdata->MaxRDLength = sizeof(RDataBody); 1406 } 1407 1408 // Field Group 2: Persistent metadata for Authoritative Records 1409 rr->Additional1 = mDNSNULL; 1410 rr->Additional2 = mDNSNULL; 1411 rr->DependentOn = mDNSNULL; 1412 rr->RRSet = mDNSNULL; 1413 rr->RecordCallback = Callback; 1414 rr->RecordContext = Context; 1415 1416 rr->AutoTarget = Target_Manual; 1417 rr->AllowRemoteQuery = mDNSfalse; 1418 rr->ForceMCast = mDNSfalse; 1419 1420 rr->WakeUp = zeroOwner; 1421 rr->AddressProxy = zeroAddr; 1422 rr->TimeRcvd = 0; 1423 rr->TimeExpire = 0; 1424 rr->ARType = artype; 1425 rr->AuthFlags = 0; 1426 1427 // Field Group 3: Transient state for Authoritative Records (set in mDNS_Register_internal) 1428 // Field Group 4: Transient uDNS state for Authoritative Records (set in mDNS_Register_internal) 1429 1430 // For now, until the uDNS code is fully integrated, it's helpful to zero the uDNS state fields here too, just in case 1431 // (e.g. uDNS_RegisterService short-circuits the usual mDNS_Register_internal record registration calls, so a bunch 1432 // of fields don't get set up properly. In particular, if we don't zero rr->QueuedRData then the uDNS code crashes.) 1433 rr->state = regState_Zero; 1434 rr->uselease = 0; 1435 rr->expire = 0; 1436 rr->Private = 0; 1437 rr->updateid = zeroID; 1438 rr->zone = rr->resrec.name; 1439 rr->nta = mDNSNULL; 1440 rr->tcp = mDNSNULL; 1441 rr->OrigRData = 0; 1442 rr->OrigRDLen = 0; 1443 rr->InFlightRData = 0; 1444 rr->InFlightRDLen = 0; 1445 rr->QueuedRData = 0; 1446 rr->QueuedRDLen = 0; 1447 mDNSPlatformMemZero(&rr->NATinfo, sizeof(rr->NATinfo)); 1448 rr->SRVChanged = mDNSfalse; 1449 rr->mState = mergeState_Zero; 1450 1451 rr->namestorage.c[0] = 0; // MUST be set by client before calling mDNS_Register() 1452 } 1453 1454 mDNSexport void mDNS_SetupQuestion(DNSQuestion *const q, const mDNSInterfaceID InterfaceID, const domainname *const name, 1455 const mDNSu16 qtype, mDNSQuestionCallback *const callback, void *const context) 1456 { 1457 q->InterfaceID = InterfaceID; 1458 q->flags = 0; 1459 q->Target = zeroAddr; 1460 AssignDomainName(&q->qname, name); 1461 q->qtype = qtype; 1462 q->qclass = kDNSClass_IN; 1463 q->LongLived = (qtype == kDNSType_PTR); 1464 q->ExpectUnique = (qtype != kDNSType_PTR); 1465 q->ForceMCast = mDNSfalse; 1466 q->ReturnIntermed = mDNSfalse; 1467 q->SuppressUnusable = mDNSfalse; 1468 q->SearchListIndex = 0; 1469 q->AppendSearchDomains = 0; 1470 q->RetryWithSearchDomains = mDNSfalse; 1471 q->TimeoutQuestion = 0; 1472 q->WakeOnResolve = 0; 1473 q->UseBackgroundTrafficClass = mDNSfalse; 1474 q->ValidationRequired = 0; 1475 q->ValidatingResponse = 0; 1476 q->ProxyQuestion = 0; 1477 q->qnameOrig = mDNSNULL; 1478 q->AnonInfo = mDNSNULL; 1479 q->pid = mDNSPlatformGetPID(); 1480 q->euid = 0; 1481 q->DisallowPID = mDNSfalse; 1482 q->ServiceID = -1; 1483 q->QuestionCallback = callback; 1484 q->QuestionContext = context; 1485 } 1486 1487 mDNSexport mDNSu32 RDataHashValue(const ResourceRecord *const rr) 1488 { 1489 int len = rr->rdlength; 1490 const RDataBody2 *const rdb = (RDataBody2 *)rr->rdata->u.data; 1491 const mDNSu8 *ptr = rdb->data; 1492 mDNSu32 sum = 0; 1493 1494 switch(rr->rrtype) 1495 { 1496 case kDNSType_NS: 1497 case kDNSType_MD: 1498 case kDNSType_MF: 1499 case kDNSType_CNAME: 1500 case kDNSType_MB: 1501 case kDNSType_MG: 1502 case kDNSType_MR: 1503 case kDNSType_PTR: 1504 case kDNSType_NSAP_PTR: 1505 case kDNSType_DNAME: return DomainNameHashValue(&rdb->name); 1506 1507 case kDNSType_SOA: return rdb->soa.serial + 1508 rdb->soa.refresh + 1509 rdb->soa.retry + 1510 rdb->soa.expire + 1511 rdb->soa.min + 1512 DomainNameHashValue(&rdb->soa.mname) + 1513 DomainNameHashValue(&rdb->soa.rname); 1514 1515 case kDNSType_MX: 1516 case kDNSType_AFSDB: 1517 case kDNSType_RT: 1518 case kDNSType_KX: return DomainNameHashValue(&rdb->mx.exchange); 1519 1520 case kDNSType_MINFO: 1521 case kDNSType_RP: return DomainNameHashValue(&rdb->rp.mbox) + DomainNameHashValue(&rdb->rp.txt); 1522 1523 case kDNSType_PX: return DomainNameHashValue(&rdb->px.map822) + DomainNameHashValue(&rdb->px.mapx400); 1524 1525 case kDNSType_SRV: return DomainNameHashValue(&rdb->srv.target); 1526 1527 case kDNSType_OPT: return 0; // OPT is a pseudo-RR container structure; makes no sense to compare 1528 1529 case kDNSType_NSEC: { 1530 int dlen; 1531 dlen = DomainNameLength((domainname *)rdb->data); 1532 sum = DomainNameHashValue((domainname *)rdb->data); 1533 ptr += dlen; 1534 len -= dlen; 1535 } 1536 /* FALLTHROUGH */ 1537 1538 default: 1539 { 1540 int i; 1541 for (i=0; i+1 < len; i+=2) 1542 { 1543 sum += (((mDNSu32)(ptr[i])) << 8) | ptr[i+1]; 1544 sum = (sum<<3) | (sum>>29); 1545 } 1546 if (i < len) 1547 { 1548 sum += ((mDNSu32)(ptr[i])) << 8; 1549 } 1550 return(sum); 1551 } 1552 } 1553 } 1554 1555 // r1 has to be a full ResourceRecord including rrtype and rdlength 1556 // r2 is just a bare RDataBody, which MUST be the same rrtype and rdlength as r1 1557 mDNSexport mDNSBool SameRDataBody(const ResourceRecord *const r1, const RDataBody *const r2, DomainNameComparisonFn *samename) 1558 { 1559 const RDataBody2 *const b1 = (RDataBody2 *)r1->rdata->u.data; 1560 const RDataBody2 *const b2 = (RDataBody2 *)r2; 1561 switch(r1->rrtype) 1562 { 1563 case kDNSType_NS: 1564 case kDNSType_MD: 1565 case kDNSType_MF: 1566 case kDNSType_CNAME: 1567 case kDNSType_MB: 1568 case kDNSType_MG: 1569 case kDNSType_MR: 1570 case kDNSType_PTR: 1571 case kDNSType_NSAP_PTR: 1572 case kDNSType_DNAME: return(SameDomainName(&b1->name, &b2->name)); 1573 1574 case kDNSType_SOA: return (mDNSBool)( b1->soa.serial == b2->soa.serial && 1575 b1->soa.refresh == b2->soa.refresh && 1576 b1->soa.retry == b2->soa.retry && 1577 b1->soa.expire == b2->soa.expire && 1578 b1->soa.min == b2->soa.min && 1579 samename(&b1->soa.mname, &b2->soa.mname) && 1580 samename(&b1->soa.rname, &b2->soa.rname)); 1581 1582 case kDNSType_MX: 1583 case kDNSType_AFSDB: 1584 case kDNSType_RT: 1585 case kDNSType_KX: return (mDNSBool)( b1->mx.preference == b2->mx.preference && 1586 samename(&b1->mx.exchange, &b2->mx.exchange)); 1587 1588 case kDNSType_MINFO: 1589 case kDNSType_RP: return (mDNSBool)( samename(&b1->rp.mbox, &b2->rp.mbox) && 1590 samename(&b1->rp.txt, &b2->rp.txt)); 1591 1592 case kDNSType_PX: return (mDNSBool)( b1->px.preference == b2->px.preference && 1593 samename(&b1->px.map822, &b2->px.map822) && 1594 samename(&b1->px.mapx400, &b2->px.mapx400)); 1595 1596 case kDNSType_SRV: return (mDNSBool)( b1->srv.priority == b2->srv.priority && 1597 b1->srv.weight == b2->srv.weight && 1598 mDNSSameIPPort(b1->srv.port, b2->srv.port) && 1599 samename(&b1->srv.target, &b2->srv.target)); 1600 1601 case kDNSType_OPT: return mDNSfalse; // OPT is a pseudo-RR container structure; makes no sense to compare 1602 case kDNSType_NSEC: { 1603 // If the "nxt" name changes in case, we want to delete the old 1604 // and store just the new one. If the caller passes in SameDomainCS for "samename", 1605 // we would return "false" when the only change between the two rdata is the case 1606 // change in "nxt". 1607 // 1608 // Note: rdlength of both the RData are same (ensured by the caller) and hence we can 1609 // use just r1->rdlength below 1610 1611 int dlen1 = DomainNameLength((domainname *)b1->data); 1612 int dlen2 = DomainNameLength((domainname *)b2->data); 1613 return (mDNSBool)(dlen1 == dlen2 && 1614 samename((domainname *)b1->data, (domainname *)b2->data) && 1615 mDNSPlatformMemSame(b1->data + dlen1, b2->data + dlen2, r1->rdlength - dlen1)); 1616 } 1617 1618 default: return(mDNSPlatformMemSame(b1->data, b2->data, r1->rdlength)); 1619 } 1620 } 1621 1622 mDNSexport mDNSBool BitmapTypeCheck(mDNSu8 *bmap, int bitmaplen, mDNSu16 type) 1623 { 1624 int win, wlen; 1625 int wintype; 1626 1627 // The window that this type belongs to. NSEC has 256 windows that 1628 // comprises of 256 types. 1629 wintype = type >> 8; 1630 1631 while (bitmaplen > 0) 1632 { 1633 if (bitmaplen < 3) 1634 { 1635 LogInfo("BitmapTypeCheck: malformed nsec, bitmaplen %d short", bitmaplen); 1636 return mDNSfalse; 1637 } 1638 1639 win = *bmap++; 1640 wlen = *bmap++; 1641 bitmaplen -= 2; 1642 if (bitmaplen < wlen || wlen < 1 || wlen > 32) 1643 { 1644 LogInfo("BitmapTypeCheck: malformed nsec, bitmaplen %d wlen %d, win %d", bitmaplen, wlen, win); 1645 return mDNSfalse; 1646 } 1647 if (win < 0 || win >= 256) 1648 { 1649 LogInfo("BitmapTypeCheck: malformed nsec, wlen %d", wlen); 1650 return mDNSfalse; 1651 } 1652 if (win == wintype) 1653 { 1654 // First byte in the window serves 0 to 7, the next one serves 8 to 15 and so on. 1655 // Calculate the right byte offset first. 1656 int boff = (type & 0xff ) >> 3; 1657 if (wlen <= boff) 1658 return mDNSfalse; 1659 // The last three bits values 0 to 7 corresponds to bit positions 1660 // within the byte. 1661 return (bmap[boff] & (0x80 >> (type & 7))); 1662 } 1663 else 1664 { 1665 // If the windows are ordered, then we could check to see 1666 // if wintype > win and then return early. 1667 bmap += wlen; 1668 bitmaplen -= wlen; 1669 } 1670 } 1671 return mDNSfalse; 1672 } 1673 1674 // Don't call this function if the resource record is not NSEC. It will return false 1675 // which means that the type does not exist. 1676 mDNSexport mDNSBool RRAssertsExistence(const ResourceRecord *const rr, mDNSu16 type) 1677 { 1678 const RDataBody2 *const rdb = (RDataBody2 *)rr->rdata->u.data; 1679 mDNSu8 *nsec = (mDNSu8 *)rdb->data; 1680 int len, bitmaplen; 1681 mDNSu8 *bmap; 1682 1683 if (rr->rrtype != kDNSType_NSEC) return mDNSfalse; 1684 1685 len = DomainNameLength((domainname *)nsec); 1686 1687 bitmaplen = rr->rdlength - len; 1688 bmap = nsec + len; 1689 return (BitmapTypeCheck(bmap, bitmaplen, type)); 1690 } 1691 1692 // Don't call this function if the resource record is not NSEC. It will return false 1693 // which means that the type exists. 1694 mDNSexport mDNSBool RRAssertsNonexistence(const ResourceRecord *const rr, mDNSu16 type) 1695 { 1696 if (rr->rrtype != kDNSType_NSEC) return mDNSfalse; 1697 1698 return !RRAssertsExistence(rr, type); 1699 } 1700 1701 // Checks whether the RRSIG or NSEC record answers the question "q". 1702 mDNSlocal mDNSBool DNSSECRecordAnswersQuestion(const ResourceRecord *const rr, const DNSQuestion *const q, mDNSBool *checkType) 1703 { 1704 *checkType = mDNStrue; 1705 1706 // This function is called for all questions and as long as the type matches, 1707 // return true. For the types (RRSIG and NSEC) that are specifically checked in 1708 // this function, returning true still holds good. 1709 if (q->qtype == rr->rrtype) 1710 return mDNStrue; 1711 1712 // For DS and DNSKEY questions, the types should match i.e., don't answer using CNAME 1713 // records as it answers any question type. 1714 // 1715 // - DS record comes from the parent zone where CNAME record cannot coexist and hence 1716 // cannot possibly answer it. 1717 // 1718 // - For DNSKEY, one could potentially follow CNAME but there could be a DNSKEY at 1719 // the "qname" itself. To keep it simple, we don't follow CNAME. 1720 1721 if ((q->qtype == kDNSType_DS || q->qtype == kDNSType_DNSKEY) && (q->qtype != rr->rrtype)) 1722 { 1723 debugf("DNSSECRecordAnswersQuestion: %d type resource record matched question %##s (%s), ignoring", rr->rrtype, 1724 q->qname.c, DNSTypeName(q->qtype)); 1725 return mDNSfalse; 1726 } 1727 1728 // If we are validating a response using DNSSEC, we might already have the records 1729 // for the "q->qtype" in the cache but we issued a query with DO bit set 1730 // to get the RRSIGs e.g., if you have two questions one of which does not require 1731 // DNSSEC validation. When the RRSIG is added to the cache, we need to deliver 1732 // the response to the question. The RRSIG type won't match the q->qtype and hence 1733 // we need to bypass the check in that case. 1734 if (rr->rrtype == kDNSType_RRSIG && q->ValidatingResponse) 1735 { 1736 const RDataBody2 *const rdb = (RDataBody2 *)rr->rdata->u.data; 1737 rdataRRSig *rrsig = (rdataRRSig *)rdb->data; 1738 mDNSu16 typeCovered = swap16(rrsig->typeCovered); 1739 debugf("DNSSECRecordAnswersQuestion: Matching RRSIG typeCovered %s", DNSTypeName(typeCovered)); 1740 if (typeCovered != kDNSType_CNAME && typeCovered != q->qtype) 1741 { 1742 debugf("DNSSECRecordAnswersQuestion: RRSIG did not match question %##s (%s)", q->qname.c, 1743 DNSTypeName(q->qtype)); 1744 return mDNSfalse; 1745 } 1746 LogInfo("DNSSECRecordAnswersQuestion: RRSIG matched question %##s (%s)", q->qname.c, 1747 DNSTypeName(q->qtype)); 1748 *checkType = mDNSfalse; 1749 return mDNStrue; 1750 } 1751 // If the NSEC record asserts the non-existence of a name looked up by the question, we would 1752 // typically answer that e.g., the bitmap asserts that q->qtype does not exist. If we have 1753 // to prove the non-existence as required by ValidatingResponse and ValidationRequired question, 1754 // then we should not answer that as it may not be the right one always. We may need more than 1755 // one NSEC to prove the non-existence. 1756 if (rr->rrtype == kDNSType_NSEC && DNSSECQuestion(q)) 1757 { 1758 debugf("DNSSECRecordAnswersQuestion: Question %##s (%s) matched record %##s (NSEC)", q->qname.c, 1759 DNSTypeName(q->qtype), rr->name->c); 1760 return mDNSfalse; 1761 } 1762 return mDNStrue; 1763 } 1764 1765 // ResourceRecordAnswersQuestion returns mDNStrue if the given resource record is a valid answer to the given question. 1766 // SameNameRecordAnswersQuestion is the same, except it skips the expensive SameDomainName() call. 1767 // SameDomainName() is generally cheap when the names don't match, but expensive when they do match, 1768 // because it has to check all the way to the end of the names to be sure. 1769 // In cases where we know in advance that the names match it's especially advantageous to skip the 1770 // SameDomainName() call because that's precisely the time when it's most expensive and least useful. 1771 1772 mDNSexport mDNSBool SameNameRecordAnswersQuestion(const ResourceRecord *const rr, const DNSQuestion *const q) 1773 { 1774 mDNSBool checkType = mDNStrue; 1775 1776 // LocalOnly/P2P questions can be answered with AuthRecordAny in this function. LocalOnly/P2P records 1777 // are handled in LocalOnlyRecordAnswersQuestion 1778 if (LocalOnlyOrP2PInterface(rr->InterfaceID)) 1779 { 1780 LogMsg("SameNameRecordAnswersQuestion: ERROR!! called with LocalOnly ResourceRecord %p, Question %p", rr->InterfaceID, q->InterfaceID); 1781 return mDNSfalse; 1782 } 1783 if (QuerySuppressed(q)) 1784 return mDNSfalse; 1785 1786 if (rr->InterfaceID && 1787 q->InterfaceID && q->InterfaceID != mDNSInterface_LocalOnly && 1788 rr->InterfaceID != q->InterfaceID) return(mDNSfalse); 1789 1790 // Resource record received via unicast, the resolver group ID should match ? 1791 if (!rr->InterfaceID) 1792 { 1793 mDNSu16 idr = (rr->rDNSServer ? rr->rDNSServer->resGroupID : 0); 1794 mDNSu16 idq = (q->qDNSServer ? q->qDNSServer->resGroupID : 0); 1795 if (idr != idq) return(mDNSfalse); 1796 if (!DNSSECRecordAnswersQuestion(rr, q, &checkType)) return mDNSfalse; 1797 } 1798 1799 // If ResourceRecord received via multicast, but question was unicast, then shouldn't use record to answer this question 1800 if (rr->InterfaceID && !mDNSOpaque16IsZero(q->TargetQID)) return(mDNSfalse); 1801 1802 // CNAME answers question of any type and a negative cache record should not prevent us from querying other 1803 // valid types at the same name. 1804 if (rr->rrtype == kDNSType_CNAME && rr->RecordType == kDNSRecordTypePacketNegative && rr->rrtype != q->qtype) 1805 return mDNSfalse; 1806 1807 // RR type CNAME matches any query type. QTYPE ANY matches any RR type. QCLASS ANY matches any RR class. 1808 if (checkType && !RRTypeAnswersQuestionType(rr,q->qtype)) return(mDNSfalse); 1809 if (rr->rrclass != q->qclass && q->qclass != kDNSQClass_ANY) return(mDNSfalse); 1810 1811 #if APPLE_OSX_mDNSResponder 1812 if (!mDNSPlatformValidRecordForQuestion(rr, q)) 1813 return mDNSfalse; 1814 #endif // APPLE_OSX_mDNSResponder 1815 1816 if (!AnonInfoAnswersQuestion(rr, q)) 1817 return mDNSfalse; 1818 1819 return(mDNStrue); 1820 } 1821 1822 mDNSexport mDNSBool ResourceRecordAnswersQuestion(const ResourceRecord *const rr, const DNSQuestion *const q) 1823 { 1824 if (!SameNameRecordAnswersQuestion(rr, q)) 1825 return mDNSfalse; 1826 1827 return(rr->namehash == q->qnamehash && SameDomainName(rr->name, &q->qname)); 1828 } 1829 1830 // We have a separate function to handle LocalOnly AuthRecords because they can be created with 1831 // a valid InterfaceID (e.g., scoped /etc/hosts) and can be used to answer unicast questions unlike 1832 // multicast resource records (which has a valid InterfaceID) which can't be used to answer 1833 // unicast questions. ResourceRecordAnswersQuestion/SameNameRecordAnswersQuestion can't tell whether 1834 // a resource record is multicast or LocalOnly by just looking at the ResourceRecord because 1835 // LocalOnly records are truly identified by ARType in the AuthRecord. As P2P and LocalOnly record 1836 // are kept in the same hash table, we use the same function to make it easy for the callers when 1837 // they walk the hash table to answer LocalOnly/P2P questions 1838 // 1839 mDNSexport mDNSBool LocalOnlyRecordAnswersQuestion(AuthRecord *const ar, const DNSQuestion *const q) 1840 { 1841 ResourceRecord *rr = &ar->resrec; 1842 1843 // mDNSInterface_Any questions can be answered with LocalOnly/P2P records in this function. AuthRecord_Any 1844 // records are handled in ResourceRecordAnswersQuestion/SameNameRecordAnswersQuestion 1845 if (RRAny(ar)) 1846 { 1847 LogMsg("LocalOnlyRecordAnswersQuestion: ERROR!! called with regular AuthRecordAny %##s", rr->name->c); 1848 return mDNSfalse; 1849 } 1850 1851 // Questions with mDNSInterface_LocalOnly InterfaceID should be answered with all resource records that are 1852 // *local* to the machine. These include resource records that have InterfaceID set to mDNSInterface_LocalOnly, 1853 // mDNSInterface_Any and any other real InterfaceID. Hence, LocalOnly questions should not be checked against 1854 // the InterfaceID in the resource record. 1855 // 1856 // mDNSInterface_Unicast does not indicate any scope and hence treat them like mDNSInterface_Any. 1857 1858 if (rr->InterfaceID && 1859 q->InterfaceID && q->InterfaceID != mDNSInterface_LocalOnly && q->InterfaceID != mDNSInterface_Unicast && 1860 rr->InterfaceID != q->InterfaceID) return(mDNSfalse); 1861 1862 // Entries in /etc/hosts are added as LocalOnly resource records. The LocalOnly resource records 1863 // may have a scope e.g., fe80::1%en0. The question may be scoped or not: the InterfaceID may be set 1864 // to mDNSInterface_Any, mDNSInterface_LocalOnly or a real InterfaceID (scoped). 1865 // 1866 // 1) Question: Any, LocalOnly Record: no scope. This question should be answered with this record. 1867 // 1868 // 2) Question: Any, LocalOnly Record: scoped. This question should be answered with the record because 1869 // traditionally applications never specify scope e.g., getaddrinfo, but need to be able 1870 // to get to /etc/hosts entries. 1871 // 1872 // 3) Question: Scoped (LocalOnly or InterfaceID), LocalOnly Record: no scope. This is the inverse of (2). 1873 // If we register a LocalOnly record, we need to answer a LocalOnly question. If the /etc/hosts has a 1874 // non scoped entry, it may not make sense to answer a scoped question. But we can't tell these two 1875 // cases apart. As we currently answer LocalOnly question with LocalOnly record, we continue to do so. 1876 // 1877 // 4) Question: Scoped (LocalOnly or InterfaceID), LocalOnly Record: scoped. LocalOnly questions should be 1878 // answered with any resource record where as if it has a valid InterfaceID, the scope should match. 1879 // 1880 // (1) and (2) is bypassed because we check for a non-NULL InterfaceID above. For (3), the InterfaceID is NULL 1881 // and hence bypassed above. For (4) we bypassed LocalOnly questions and checked the scope of the record 1882 // against the question. 1883 // 1884 // For P2P, InterfaceIDs of the question and the record should match. 1885 1886 // If ResourceRecord received via multicast, but question was unicast, then shouldn't use record to answer this question. 1887 // LocalOnly authoritative answers are exempt. LocalOnly authoritative answers are used for /etc/host entries. 1888 // We don't want a local process to be able to create a fake LocalOnly address record for "www.bigbank.com" which would then 1889 // cause other applications (e.g. Safari) to connect to the wrong address. The rpc to register records filters out records 1890 // with names that don't end in local and have mDNSInterface_LocalOnly set. 1891 // 1892 // Note: The check is bypassed for LocalOnly and for P2P it is not needed as only .local records are registered and for 1893 // a question to match its names, it also has to end in .local and that question can't be a unicast question (See 1894 // Question_uDNS macro and its usage). As P2P does not enforce .local only registrations we still make this check 1895 // and also makes it future proof. 1896 1897 if (ar->ARType != AuthRecordLocalOnly && rr->InterfaceID && !mDNSOpaque16IsZero(q->TargetQID)) return(mDNSfalse); 1898 1899 // RR type CNAME matches any query type. QTYPE ANY matches any RR type. QCLASS ANY matches any RR class. 1900 if (!RRTypeAnswersQuestionType(rr,q->qtype)) return(mDNSfalse); 1901 if (rr->rrclass != q->qclass && q->qclass != kDNSQClass_ANY) return(mDNSfalse); 1902 1903 if (!AnonInfoAnswersQuestion(rr, q)) 1904 return mDNSfalse; 1905 1906 return(rr->namehash == q->qnamehash && SameDomainName(rr->name, &q->qname)); 1907 } 1908 1909 mDNSexport mDNSBool AnyTypeRecordAnswersQuestion(const ResourceRecord *const rr, const DNSQuestion *const q) 1910 { 1911 // LocalOnly/P2P questions can be answered with AuthRecordAny in this function. LocalOnly/P2P records 1912 // are handled in LocalOnlyRecordAnswersQuestion 1913 if (LocalOnlyOrP2PInterface(rr->InterfaceID)) 1914 { 1915 LogMsg("AnyTypeRecordAnswersQuestion: ERROR!! called with LocalOnly ResourceRecord %p, Question %p", rr->InterfaceID, q->InterfaceID); 1916 return mDNSfalse; 1917 } 1918 if (rr->InterfaceID && 1919 q->InterfaceID && q->InterfaceID != mDNSInterface_LocalOnly && 1920 rr->InterfaceID != q->InterfaceID) return(mDNSfalse); 1921 1922 // Resource record received via unicast, the resolver group ID should match ? 1923 // Note that Auth Records are normally setup with NULL InterfaceID and 1924 // both the DNSServers are assumed to be NULL in that case 1925 if (!rr->InterfaceID) 1926 { 1927 mDNSu16 idr = (rr->rDNSServer ? rr->rDNSServer->resGroupID : 0); 1928 mDNSu16 idq = (q->qDNSServer ? q->qDNSServer->resGroupID : 0); 1929 if (idr != idq) return(mDNSfalse); 1930 } 1931 1932 // If ResourceRecord received via multicast, but question was unicast, then shouldn't use record to answer this question 1933 if (rr->InterfaceID && !mDNSOpaque16IsZero(q->TargetQID)) return(mDNSfalse); 1934 1935 if (rr->rrclass != q->qclass && q->qclass != kDNSQClass_ANY) return(mDNSfalse); 1936 1937 if (!AnonInfoAnswersQuestion(rr, q)) 1938 return mDNSfalse; 1939 1940 return(rr->namehash == q->qnamehash && SameDomainName(rr->name, &q->qname)); 1941 } 1942 1943 // This is called with both unicast resource record and multicast resource record. The question that 1944 // received the unicast response could be the regular unicast response from a DNS server or a response 1945 // to a mDNS QU query. The main reason we need this function is that we can't compare DNSServers between the 1946 // question and the resource record because the resource record is not completely initialized in 1947 // mDNSCoreReceiveResponse when this function is called. 1948 mDNSexport mDNSBool ResourceRecordAnswersUnicastResponse(const ResourceRecord *const rr, const DNSQuestion *const q) 1949 { 1950 mDNSBool checkType = mDNStrue; 1951 1952 if (QuerySuppressed(q)) 1953 return mDNSfalse; 1954 1955 // For resource records created using multicast, the InterfaceIDs have to match 1956 if (rr->InterfaceID && 1957 q->InterfaceID && rr->InterfaceID != q->InterfaceID) return(mDNSfalse); 1958 1959 // If ResourceRecord received via multicast, but question was unicast, then shouldn't use record to answer this question. 1960 if (rr->InterfaceID && !mDNSOpaque16IsZero(q->TargetQID)) return(mDNSfalse); 1961 1962 if (!DNSSECRecordAnswersQuestion(rr, q, &checkType)) return mDNSfalse; 1963 1964 // RR type CNAME matches any query type. QTYPE ANY matches any RR type. QCLASS ANY matches any RR class. 1965 if (checkType && !RRTypeAnswersQuestionType(rr,q->qtype)) return(mDNSfalse); 1966 1967 if (rr->rrclass != q->qclass && q->qclass != kDNSQClass_ANY) return(mDNSfalse); 1968 1969 return(rr->namehash == q->qnamehash && SameDomainName(rr->name, &q->qname)); 1970 } 1971 1972 mDNSexport mDNSu16 GetRDLength(const ResourceRecord *const rr, mDNSBool estimate) 1973 { 1974 const RDataBody2 *const rd = (RDataBody2 *)rr->rdata->u.data; 1975 const domainname *const name = estimate ? rr->name : mDNSNULL; 1976 if (rr->rrclass == kDNSQClass_ANY) return(rr->rdlength); // Used in update packets to mean "Delete An RRset" (RFC 2136) 1977 else switch (rr->rrtype) 1978 { 1979 case kDNSType_A: return(sizeof(rd->ipv4)); 1980 1981 case kDNSType_NS: 1982 case kDNSType_CNAME: 1983 case kDNSType_PTR: 1984 case kDNSType_DNAME: return(CompressedDomainNameLength(&rd->name, name)); 1985 1986 case kDNSType_SOA: return (mDNSu16)(CompressedDomainNameLength(&rd->soa.mname, name) + 1987 CompressedDomainNameLength(&rd->soa.rname, name) + 1988 5 * sizeof(mDNSOpaque32)); 1989 1990 case kDNSType_NULL: 1991 case kDNSType_TSIG: 1992 case kDNSType_TXT: 1993 case kDNSType_X25: 1994 case kDNSType_ISDN: 1995 case kDNSType_LOC: 1996 case kDNSType_DHCID: return(rr->rdlength); // Not self-describing, so have to just trust rdlength 1997 1998 case kDNSType_HINFO: return (mDNSu16)(2 + (int)rd->data[0] + (int)rd->data[1 + (int)rd->data[0]]); 1999 2000 case kDNSType_MX: 2001 case kDNSType_AFSDB: 2002 case kDNSType_RT: 2003 case kDNSType_KX: return (mDNSu16)(2 + CompressedDomainNameLength(&rd->mx.exchange, name)); 2004 2005 case kDNSType_RP: return (mDNSu16)(CompressedDomainNameLength(&rd->rp.mbox, name) + 2006 CompressedDomainNameLength(&rd->rp.txt, name)); 2007 2008 case kDNSType_PX: return (mDNSu16)(2 + CompressedDomainNameLength(&rd->px.map822, name) + 2009 CompressedDomainNameLength(&rd->px.mapx400, name)); 2010 2011 case kDNSType_AAAA: return(sizeof(rd->ipv6)); 2012 2013 case kDNSType_SRV: return (mDNSu16)(6 + CompressedDomainNameLength(&rd->srv.target, name)); 2014 2015 case kDNSType_OPT: return(rr->rdlength); 2016 2017 case kDNSType_NSEC: { 2018 domainname *next = (domainname *)rd->data; 2019 int dlen = DomainNameLength(next); 2020 // 2021 if (UNICAST_NSEC(rr)) 2022 return (mDNSu16)(CompressedDomainNameLength(next, name) + rr->rdlength - dlen); 2023 else 2024 return (mDNSu16)((estimate ? 2 : dlen) + rr->rdlength - dlen); 2025 } 2026 2027 default: debugf("Warning! Don't know how to get length of resource type %d", rr->rrtype); 2028 return(rr->rdlength); 2029 } 2030 } 2031 2032 // When a local client registers (or updates) a record, we use this routine to do some simple validation checks 2033 // to help reduce the risk of bogus malformed data on the network 2034 mDNSexport mDNSBool ValidateRData(const mDNSu16 rrtype, const mDNSu16 rdlength, const RData *const rd) 2035 { 2036 mDNSu16 len; 2037 2038 switch(rrtype) 2039 { 2040 case kDNSType_A: return(rdlength == sizeof(mDNSv4Addr)); 2041 2042 case kDNSType_NS: // Same as PTR 2043 case kDNSType_MD: // Same as PTR 2044 case kDNSType_MF: // Same as PTR 2045 case kDNSType_CNAME: // Same as PTR 2046 //case kDNSType_SOA not checked 2047 case kDNSType_MB: // Same as PTR 2048 case kDNSType_MG: // Same as PTR 2049 case kDNSType_MR: // Same as PTR 2050 //case kDNSType_NULL not checked (no specified format, so always valid) 2051 //case kDNSType_WKS not checked 2052 case kDNSType_PTR: len = DomainNameLengthLimit(&rd->u.name, rd->u.data + rdlength); 2053 return(len <= MAX_DOMAIN_NAME && rdlength == len); 2054 2055 case kDNSType_HINFO: // Same as TXT (roughly) 2056 case kDNSType_MINFO: // Same as TXT (roughly) 2057 case kDNSType_TXT: if (!rdlength) return(mDNSfalse); // TXT record has to be at least one byte (RFC 1035) 2058 { 2059 const mDNSu8 *ptr = rd->u.txt.c; 2060 const mDNSu8 *end = rd->u.txt.c + rdlength; 2061 while (ptr < end) ptr += 1 + ptr[0]; 2062 return (ptr == end); 2063 } 2064 2065 case kDNSType_AAAA: return(rdlength == sizeof(mDNSv6Addr)); 2066 2067 case kDNSType_MX: // Must be at least two-byte preference, plus domainname 2068 // Call to DomainNameLengthLimit() implicitly enforces both requirements for us 2069 len = DomainNameLengthLimit(&rd->u.mx.exchange, rd->u.data + rdlength); 2070 return(len <= MAX_DOMAIN_NAME && rdlength == 2+len); 2071 2072 case kDNSType_SRV: // Must be at least priority+weight+port, plus domainname 2073 // Call to DomainNameLengthLimit() implicitly enforces both requirements for us 2074 len = DomainNameLengthLimit(&rd->u.srv.target, rd->u.data + rdlength); 2075 return(len <= MAX_DOMAIN_NAME && rdlength == 6+len); 2076 2077 //case kDNSType_NSEC not checked 2078 2079 default: return(mDNStrue); // Allow all other types without checking 2080 } 2081 } 2082 2083 // *************************************************************************** 2084 #if COMPILER_LIKES_PRAGMA_MARK 2085 #pragma mark - 2086 #pragma mark - DNS Message Creation Functions 2087 #endif 2088 2089 mDNSexport void InitializeDNSMessage(DNSMessageHeader *h, mDNSOpaque16 id, mDNSOpaque16 flags) 2090 { 2091 h->id = id; 2092 h->flags = flags; 2093 h->numQuestions = 0; 2094 h->numAnswers = 0; 2095 h->numAuthorities = 0; 2096 h->numAdditionals = 0; 2097 } 2098 2099 mDNSexport const mDNSu8 *FindCompressionPointer(const mDNSu8 *const base, const mDNSu8 *const end, const mDNSu8 *const domname) 2100 { 2101 const mDNSu8 *result = end - *domname - 1; 2102 2103 if (*domname == 0) return(mDNSNULL); // There's no point trying to match just the root label 2104 2105 // This loop examines each possible starting position in packet, starting end of the packet and working backwards 2106 while (result >= base) 2107 { 2108 // If the length byte and first character of the label match, then check further to see 2109 // if this location in the packet will yield a useful name compression pointer. 2110 if (result[0] == domname[0] && result[1] == domname[1]) 2111 { 2112 const mDNSu8 *name = domname; 2113 const mDNSu8 *targ = result; 2114 while (targ + *name < end) 2115 { 2116 // First see if this label matches 2117 int i; 2118 const mDNSu8 *pointertarget; 2119 for (i=0; i <= *name; i++) if (targ[i] != name[i]) break; 2120 if (i <= *name) break; // If label did not match, bail out 2121 targ += 1 + *name; // Else, did match, so advance target pointer 2122 name += 1 + *name; // and proceed to check next label 2123 if (*name == 0 && *targ == 0) return(result); // If no more labels, we found a match! 2124 if (*name == 0) break; // If no more labels to match, we failed, so bail out 2125 2126 // The label matched, so now follow the pointer (if appropriate) and then see if the next label matches 2127 if (targ[0] < 0x40) continue; // If length value, continue to check next label 2128 if (targ[0] < 0xC0) break; // If 40-BF, not valid 2129 if (targ+1 >= end) break; // Second byte not present! 2130 pointertarget = base + (((mDNSu16)(targ[0] & 0x3F)) << 8) + targ[1]; 2131 if (targ < pointertarget) break; // Pointertarget must point *backwards* in the packet 2132 if (pointertarget[0] >= 0x40) break; // Pointertarget must point to a valid length byte 2133 targ = pointertarget; 2134 } 2135 } 2136 result--; // We failed to match at this search position, so back up the tentative result pointer and try again 2137 } 2138 return(mDNSNULL); 2139 } 2140 2141 // domainname is a fully-qualified name (i.e. assumed to be ending in a dot, even if it doesn't) 2142 // msg points to the message we're building (pass mDNSNULL if we don't want to use compression pointers) 2143 // end points to the end of the message so far 2144 // ptr points to where we want to put the name 2145 // limit points to one byte past the end of the buffer that we must not overrun 2146 // domainname is the name to put 2147 mDNSexport mDNSu8 *putDomainNameAsLabels(const DNSMessage *const msg, 2148 mDNSu8 *ptr, const mDNSu8 *const limit, const domainname *const name) 2149 { 2150 const mDNSu8 *const base = (const mDNSu8 *)msg; 2151 const mDNSu8 * np = name->c; 2152 const mDNSu8 *const max = name->c + MAX_DOMAIN_NAME; // Maximum that's valid 2153 const mDNSu8 * pointer = mDNSNULL; 2154 const mDNSu8 *const searchlimit = ptr; 2155 2156 if (!ptr) { LogMsg("putDomainNameAsLabels %##s ptr is null", name->c); return(mDNSNULL); } 2157 2158 if (!*np) // If just writing one-byte root label, make sure we have space for that 2159 { 2160 if (ptr >= limit) return(mDNSNULL); 2161 } 2162 else // else, loop through writing labels and/or a compression offset 2163 { 2164 do { 2165 if (*np > MAX_DOMAIN_LABEL) 2166 { LogMsg("Malformed domain name %##s (label more than 63 bytes)", name->c); return(mDNSNULL); } 2167 2168 // This check correctly allows for the final trailing root label: 2169 // e.g. 2170 // Suppose our domain name is exactly 256 bytes long, including the final trailing root label. 2171 // Suppose np is now at name->c[249], and we're about to write our last non-null label ("local"). 2172 // We know that max will be at name->c[256] 2173 // That means that np + 1 + 5 == max - 1, so we (just) pass the "if" test below, write our 2174 // six bytes, then exit the loop, write the final terminating root label, and the domain 2175 // name we've written is exactly 256 bytes long, exactly at the correct legal limit. 2176 // If the name is one byte longer, then we fail the "if" test below, and correctly bail out. 2177 if (np + 1 + *np >= max) 2178 { LogMsg("Malformed domain name %##s (more than 256 bytes)", name->c); return(mDNSNULL); } 2179 2180 if (base) pointer = FindCompressionPointer(base, searchlimit, np); 2181 if (pointer) // Use a compression pointer if we can 2182 { 2183 const mDNSu16 offset = (mDNSu16)(pointer - base); 2184 if (ptr+2 > limit) return(mDNSNULL); // If we don't have two bytes of space left, give up 2185 *ptr++ = (mDNSu8)(0xC0 | (offset >> 8)); 2186 *ptr++ = (mDNSu8)( offset & 0xFF); 2187 return(ptr); 2188 } 2189 else // Else copy one label and try again 2190 { 2191 int i; 2192 mDNSu8 len = *np++; 2193 // If we don't at least have enough space for this label *plus* a terminating zero on the end, give up 2194 if (ptr + 1 + len >= limit) return(mDNSNULL); 2195 *ptr++ = len; 2196 for (i=0; i<len; i++) *ptr++ = *np++; 2197 } 2198 } while (*np); // While we've got characters remaining in the name, continue 2199 } 2200 2201 *ptr++ = 0; // Put the final root label 2202 return(ptr); 2203 } 2204 2205 mDNSlocal mDNSu8 *putVal16(mDNSu8 *ptr, mDNSu16 val) 2206 { 2207 ptr[0] = (mDNSu8)((val >> 8 ) & 0xFF); 2208 ptr[1] = (mDNSu8)((val ) & 0xFF); 2209 return ptr + sizeof(mDNSOpaque16); 2210 } 2211 2212 mDNSlocal mDNSu8 *putVal32(mDNSu8 *ptr, mDNSu32 val) 2213 { 2214 ptr[0] = (mDNSu8)((val >> 24) & 0xFF); 2215 ptr[1] = (mDNSu8)((val >> 16) & 0xFF); 2216 ptr[2] = (mDNSu8)((val >> 8) & 0xFF); 2217 ptr[3] = (mDNSu8)((val ) & 0xFF); 2218 return ptr + sizeof(mDNSu32); 2219 } 2220 2221 // Copy the RDATA information. The actual in memory storage for the data might be bigger than what the rdlength 2222 // says. Hence, the only way to copy out the data from a resource record is to use putRData. 2223 // msg points to the message we're building (pass mDNSNULL for "msg" if we don't want to use compression pointers) 2224 mDNSexport mDNSu8 *putRData(const DNSMessage *const msg, mDNSu8 *ptr, const mDNSu8 *const limit, const ResourceRecord *const rr) 2225 { 2226 const RDataBody2 *const rdb = (RDataBody2 *)rr->rdata->u.data; 2227 switch (rr->rrtype) 2228 { 2229 case kDNSType_A: if (rr->rdlength != 4) 2230 { debugf("putRData: Illegal length %d for kDNSType_A", rr->rdlength); return(mDNSNULL); } 2231 if (ptr + 4 > limit) return(mDNSNULL); 2232 *ptr++ = rdb->ipv4.b[0]; 2233 *ptr++ = rdb->ipv4.b[1]; 2234 *ptr++ = rdb->ipv4.b[2]; 2235 *ptr++ = rdb->ipv4.b[3]; 2236 return(ptr); 2237 2238 case kDNSType_NS: 2239 case kDNSType_CNAME: 2240 case kDNSType_PTR: 2241 case kDNSType_DNAME: return(putDomainNameAsLabels(msg, ptr, limit, &rdb->name)); 2242 2243 case kDNSType_SOA: ptr = putDomainNameAsLabels(msg, ptr, limit, &rdb->soa.mname); 2244 if (!ptr) return(mDNSNULL); 2245 ptr = putDomainNameAsLabels(msg, ptr, limit, &rdb->soa.rname); 2246 if (!ptr || ptr + 20 > limit) return(mDNSNULL); 2247 ptr = putVal32(ptr, rdb->soa.serial); 2248 ptr = putVal32(ptr, rdb->soa.refresh); 2249 ptr = putVal32(ptr, rdb->soa.retry); 2250 ptr = putVal32(ptr, rdb->soa.expire); 2251 ptr = putVal32(ptr, rdb->soa.min); 2252 return(ptr); 2253 2254 case kDNSType_NULL: 2255 case kDNSType_HINFO: 2256 case kDNSType_TSIG: 2257 case kDNSType_TXT: 2258 case kDNSType_X25: 2259 case kDNSType_ISDN: 2260 case kDNSType_LOC: 2261 case kDNSType_DHCID: if (ptr + rr->rdlength > limit) return(mDNSNULL); 2262 mDNSPlatformMemCopy(ptr, rdb->data, rr->rdlength); 2263 return(ptr + rr->rdlength); 2264 2265 case kDNSType_MX: 2266 case kDNSType_AFSDB: 2267 case kDNSType_RT: 2268 case kDNSType_KX: if (ptr + 3 > limit) return(mDNSNULL); 2269 ptr = putVal16(ptr, rdb->mx.preference); 2270 return(putDomainNameAsLabels(msg, ptr, limit, &rdb->mx.exchange)); 2271 2272 case kDNSType_RP: ptr = putDomainNameAsLabels(msg, ptr, limit, &rdb->rp.mbox); 2273 if (!ptr) return(mDNSNULL); 2274 ptr = putDomainNameAsLabels(msg, ptr, limit, &rdb->rp.txt); 2275 return(ptr); 2276 2277 case kDNSType_PX: if (ptr + 5 > limit) return(mDNSNULL); 2278 ptr = putVal16(ptr, rdb->px.preference); 2279 ptr = putDomainNameAsLabels(msg, ptr, limit, &rdb->px.map822); 2280 if (!ptr) return(mDNSNULL); 2281 ptr = putDomainNameAsLabels(msg, ptr, limit, &rdb->px.mapx400); 2282 return(ptr); 2283 2284 case kDNSType_AAAA: if (rr->rdlength != sizeof(rdb->ipv6)) 2285 { debugf("putRData: Illegal length %d for kDNSType_AAAA", rr->rdlength); return(mDNSNULL); } 2286 if (ptr + sizeof(rdb->ipv6) > limit) return(mDNSNULL); 2287 mDNSPlatformMemCopy(ptr, &rdb->ipv6, sizeof(rdb->ipv6)); 2288 return(ptr + sizeof(rdb->ipv6)); 2289 2290 case kDNSType_SRV: if (ptr + 7 > limit) return(mDNSNULL); 2291 *ptr++ = (mDNSu8)(rdb->srv.priority >> 8); 2292 *ptr++ = (mDNSu8)(rdb->srv.priority & 0xFF); 2293 *ptr++ = (mDNSu8)(rdb->srv.weight >> 8); 2294 *ptr++ = (mDNSu8)(rdb->srv.weight & 0xFF); 2295 *ptr++ = rdb->srv.port.b[0]; 2296 *ptr++ = rdb->srv.port.b[1]; 2297 return(putDomainNameAsLabels(msg, ptr, limit, &rdb->srv.target)); 2298 2299 case kDNSType_OPT: { 2300 int len = 0; 2301 const rdataOPT *opt; 2302 const rdataOPT *const end = (const rdataOPT *)&rr->rdata->u.data[rr->rdlength]; 2303 for (opt = &rr->rdata->u.opt[0]; opt < end; opt++) 2304 len += DNSOpt_Data_Space(opt); 2305 if (ptr + len > limit) 2306 { 2307 LogMsg("ERROR: putOptRData - out of space"); 2308 return mDNSNULL; 2309 } 2310 for (opt = &rr->rdata->u.opt[0]; opt < end; opt++) 2311 { 2312 const int space = DNSOpt_Data_Space(opt); 2313 ptr = putVal16(ptr, opt->opt); 2314 ptr = putVal16(ptr, (mDNSu16)space - 4); 2315 switch (opt->opt) 2316 { 2317 case kDNSOpt_LLQ: 2318 ptr = putVal16(ptr, opt->u.llq.vers); 2319 ptr = putVal16(ptr, opt->u.llq.llqOp); 2320 ptr = putVal16(ptr, opt->u.llq.err); 2321 mDNSPlatformMemCopy(ptr, opt->u.llq.id.b, 8); // 8-byte id 2322 ptr += 8; 2323 ptr = putVal32(ptr, opt->u.llq.llqlease); 2324 break; 2325 case kDNSOpt_Lease: 2326 ptr = putVal32(ptr, opt->u.updatelease); 2327 break; 2328 case kDNSOpt_Owner: 2329 *ptr++ = opt->u.owner.vers; 2330 *ptr++ = opt->u.owner.seq; 2331 mDNSPlatformMemCopy(ptr, opt->u.owner.HMAC.b, 6); // 6-byte Host identifier 2332 ptr += 6; 2333 if (space >= DNSOpt_OwnerData_ID_Wake_Space) 2334 { 2335 mDNSPlatformMemCopy(ptr, opt->u.owner.IMAC.b, 6); // 6-byte interface MAC 2336 ptr += 6; 2337 if (space > DNSOpt_OwnerData_ID_Wake_Space) 2338 { 2339 mDNSPlatformMemCopy(ptr, opt->u.owner.password.b, space - DNSOpt_OwnerData_ID_Wake_Space); 2340 ptr += space - DNSOpt_OwnerData_ID_Wake_Space; 2341 } 2342 } 2343 break; 2344 case kDNSOpt_Trace: 2345 *ptr++ = opt->u.tracer.platf; 2346 ptr = putVal32(ptr, opt->u.tracer.mDNSv); 2347 break; 2348 } 2349 } 2350 return ptr; 2351 } 2352 2353 case kDNSType_NSEC: { 2354 // For NSEC records, rdlength represents the exact number of bytes 2355 // of in memory storage. 2356 mDNSu8 *nsec = (mDNSu8 *)rdb->data; 2357 domainname *name = (domainname *)nsec; 2358 const int dlen = DomainNameLength(name); 2359 nsec += dlen; 2360 // This function is called when we are sending a NSEC record as part of mDNS, 2361 // or to copy the data to any other buffer needed which could be a mDNS or uDNS 2362 // NSEC record. The only time compression is used that when we are sending it 2363 // in mDNS (indicated by non-NULL "msg") and hence we handle mDNS case 2364 // separately. 2365 if (!UNICAST_NSEC(rr)) 2366 { 2367 mDNSu8 *save = ptr; 2368 int i, j, wlen; 2369 wlen = *(nsec + 1); 2370 nsec += 2; // Skip the window number and len 2371 2372 // For our simplified use of NSEC synthetic records: 2373 // 2374 // nextname is always the record's own name, 2375 // the block number is always 0, 2376 // the count byte is a value in the range 1-32, 2377 // followed by the 1-32 data bytes 2378 // 2379 // Note: When we send the NSEC record in mDNS, the window size is set to 32. 2380 // We need to find out what the last non-NULL byte is. If we are copying out 2381 // from an RDATA, we have the right length. As we need to handle both the case, 2382 // we loop to find the right value instead of blindly using len to copy. 2383 2384 for (i=wlen; i>0; i--) if (nsec[i-1]) break; 2385 2386 ptr = putDomainNameAsLabels(msg, ptr, limit, rr->name); 2387 if (!ptr) { LogInfo("putRData: Can't put name, Length %d, record %##s", limit - save, rr->name->c); return(mDNSNULL); } 2388 if (i) // Only put a block if at least one type exists for this name 2389 { 2390 if (ptr + 2 + i > limit) { LogInfo("putRData: Can't put window, Length %d, i %d, record %##s", limit - ptr, i, rr->name->c); return(mDNSNULL); } 2391 *ptr++ = 0; 2392 *ptr++ = (mDNSu8)i; 2393 for (j=0; j<i; j++) *ptr++ = nsec[j]; 2394 } 2395 return ptr; 2396 } 2397 else 2398 { 2399 int win, wlen; 2400 int len = rr->rdlength - dlen; 2401 2402 // Sanity check whether the bitmap is good 2403 while (len) 2404 { 2405 if (len < 3) 2406 { LogMsg("putRData: invalid length %d", len); return mDNSNULL; } 2407 2408 win = *nsec++; 2409 wlen = *nsec++; 2410 len -= 2; 2411 if (len < wlen || wlen < 1 || wlen > 32) 2412 { LogMsg("putRData: invalid window length %d", wlen); return mDNSNULL; } 2413 if (win < 0 || win >= 256) 2414 { LogMsg("putRData: invalid window %d", win); return mDNSNULL; } 2415 2416 nsec += wlen; 2417 len -= wlen; 2418 } 2419 if (ptr + rr->rdlength > limit) { LogMsg("putRData: NSEC rdlength beyond limit %##s (%s), ptr %p, rdlength %d, limit %p", rr->name->c, DNSTypeName(rr->rrtype), ptr, rr->rdlength, limit); return(mDNSNULL);} 2420 2421 // No compression allowed for "nxt", just copy the data. 2422 mDNSPlatformMemCopy(ptr, rdb->data, rr->rdlength); 2423 return(ptr + rr->rdlength); 2424 } 2425 } 2426 2427 default: debugf("putRData: Warning! Writing unknown resource type %d as raw data", rr->rrtype); 2428 if (ptr + rr->rdlength > limit) return(mDNSNULL); 2429 mDNSPlatformMemCopy(ptr, rdb->data, rr->rdlength); 2430 return(ptr + rr->rdlength); 2431 } 2432 } 2433 2434 #define IsUnicastUpdate(X) (!mDNSOpaque16IsZero((X)->h.id) && ((X)->h.flags.b[0] & kDNSFlag0_OP_Mask) == kDNSFlag0_OP_Update) 2435 2436 mDNSexport mDNSu8 *PutResourceRecordTTLWithLimit(DNSMessage *const msg, mDNSu8 *ptr, mDNSu16 *count, ResourceRecord *rr, mDNSu32 ttl, const mDNSu8 *limit) 2437 { 2438 mDNSu8 *endofrdata; 2439 mDNSu16 actualLength; 2440 // When sending SRV to conventional DNS server (i.e. in DNS update requests) we should not do name compression on the rdata (RFC 2782) 2441 const DNSMessage *const rdatacompressionbase = (IsUnicastUpdate(msg) && rr->rrtype == kDNSType_SRV) ? mDNSNULL : msg; 2442 2443 if (rr->RecordType == kDNSRecordTypeUnregistered) 2444 { 2445 LogMsg("PutResourceRecordTTLWithLimit ERROR! Attempt to put kDNSRecordTypeUnregistered %##s (%s)", rr->name->c, DNSTypeName(rr->rrtype)); 2446 return(ptr); 2447 } 2448 2449 if (!ptr) 2450 { 2451 LogMsg("PutResourceRecordTTLWithLimit ptr is null %##s (%s)", rr->name->c, DNSTypeName(rr->rrtype)); 2452 return(mDNSNULL); 2453 } 2454 2455 ptr = putDomainNameAsLabels(msg, ptr, limit, rr->name); 2456 // If we're out-of-space, return mDNSNULL 2457 if (!ptr || ptr + 10 >= limit) 2458 { 2459 LogInfo("PutResourceRecordTTLWithLimit: can't put name, out of space %##s (%s), ptr %p, limit %p", rr->name->c, 2460 DNSTypeName(rr->rrtype), ptr, limit); 2461 return(mDNSNULL); 2462 } 2463 ptr[0] = (mDNSu8)(rr->rrtype >> 8); 2464 ptr[1] = (mDNSu8)(rr->rrtype & 0xFF); 2465 ptr[2] = (mDNSu8)(rr->rrclass >> 8); 2466 ptr[3] = (mDNSu8)(rr->rrclass & 0xFF); 2467 ptr[4] = (mDNSu8)((ttl >> 24) & 0xFF); 2468 ptr[5] = (mDNSu8)((ttl >> 16) & 0xFF); 2469 ptr[6] = (mDNSu8)((ttl >> 8) & 0xFF); 2470 ptr[7] = (mDNSu8)( ttl & 0xFF); 2471 // ptr[8] and ptr[9] filled in *after* we find out how much space the rdata takes 2472 2473 endofrdata = putRData(rdatacompressionbase, ptr+10, limit, rr); 2474 if (!endofrdata) 2475 { 2476 LogInfo("PutResourceRecordTTLWithLimit: Ran out of space in PutResourceRecord for %##s (%s), ptr %p, limit %p", rr->name->c, 2477 DNSTypeName(rr->rrtype), ptr+10, limit); 2478 return(mDNSNULL); 2479 } 2480 2481 // Go back and fill in the actual number of data bytes we wrote 2482 // (actualLength can be less than rdlength when domain name compression is used) 2483 actualLength = (mDNSu16)(endofrdata - ptr - 10); 2484 ptr[8] = (mDNSu8)(actualLength >> 8); 2485 ptr[9] = (mDNSu8)(actualLength & 0xFF); 2486 2487 if (count) (*count)++; 2488 else LogMsg("PutResourceRecordTTL: ERROR: No target count to update for %##s (%s)", rr->name->c, DNSTypeName(rr->rrtype)); 2489 return(endofrdata); 2490 } 2491 2492 mDNSlocal mDNSu8 *putEmptyResourceRecord(DNSMessage *const msg, mDNSu8 *ptr, const mDNSu8 *const limit, mDNSu16 *count, const AuthRecord *rr) 2493 { 2494 ptr = putDomainNameAsLabels(msg, ptr, limit, rr->resrec.name); 2495 if (!ptr || ptr + 10 > limit) return(mDNSNULL); // If we're out-of-space, return mDNSNULL 2496 ptr[0] = (mDNSu8)(rr->resrec.rrtype >> 8); // Put type 2497 ptr[1] = (mDNSu8)(rr->resrec.rrtype & 0xFF); 2498 ptr[2] = (mDNSu8)(rr->resrec.rrclass >> 8); // Put class 2499 ptr[3] = (mDNSu8)(rr->resrec.rrclass & 0xFF); 2500 ptr[4] = ptr[5] = ptr[6] = ptr[7] = 0; // TTL is zero 2501 ptr[8] = ptr[9] = 0; // RDATA length is zero 2502 (*count)++; 2503 return(ptr + 10); 2504 } 2505 2506 mDNSexport mDNSu8 *putQuestion(DNSMessage *const msg, mDNSu8 *ptr, const mDNSu8 *const limit, const domainname *const name, mDNSu16 rrtype, mDNSu16 rrclass) 2507 { 2508 ptr = putDomainNameAsLabels(msg, ptr, limit, name); 2509 if (!ptr || ptr+4 >= limit) return(mDNSNULL); // If we're out-of-space, return mDNSNULL 2510 ptr[0] = (mDNSu8)(rrtype >> 8); 2511 ptr[1] = (mDNSu8)(rrtype & 0xFF); 2512 ptr[2] = (mDNSu8)(rrclass >> 8); 2513 ptr[3] = (mDNSu8)(rrclass & 0xFF); 2514 msg->h.numQuestions++; 2515 return(ptr+4); 2516 } 2517 2518 // for dynamic updates 2519 mDNSexport mDNSu8 *putZone(DNSMessage *const msg, mDNSu8 *ptr, mDNSu8 *limit, const domainname *zone, mDNSOpaque16 zoneClass) 2520 { 2521 ptr = putDomainNameAsLabels(msg, ptr, limit, zone); 2522 if (!ptr || ptr + 4 > limit) return mDNSNULL; // If we're out-of-space, return NULL 2523 *ptr++ = (mDNSu8)(kDNSType_SOA >> 8); 2524 *ptr++ = (mDNSu8)(kDNSType_SOA & 0xFF); 2525 *ptr++ = zoneClass.b[0]; 2526 *ptr++ = zoneClass.b[1]; 2527 msg->h.mDNS_numZones++; 2528 return ptr; 2529 } 2530 2531 // for dynamic updates 2532 mDNSexport mDNSu8 *putPrereqNameNotInUse(const domainname *const name, DNSMessage *const msg, mDNSu8 *const ptr, mDNSu8 *const end) 2533 { 2534 AuthRecord prereq; 2535 mDNS_SetupResourceRecord(&prereq, mDNSNULL, mDNSInterface_Any, kDNSQType_ANY, kStandardTTL, 0, AuthRecordAny, mDNSNULL, mDNSNULL); 2536 AssignDomainName(&prereq.namestorage, name); 2537 prereq.resrec.rrtype = kDNSQType_ANY; 2538 prereq.resrec.rrclass = kDNSClass_NONE; 2539 return putEmptyResourceRecord(msg, ptr, end, &msg->h.mDNS_numPrereqs, &prereq); 2540 } 2541 2542 // for dynamic updates 2543 mDNSexport mDNSu8 *putDeletionRecord(DNSMessage *msg, mDNSu8 *ptr, ResourceRecord *rr) 2544 { 2545 // deletion: specify record w/ TTL 0, class NONE 2546 const mDNSu16 origclass = rr->rrclass; 2547 rr->rrclass = kDNSClass_NONE; 2548 ptr = PutResourceRecordTTLJumbo(msg, ptr, &msg->h.mDNS_numUpdates, rr, 0); 2549 rr->rrclass = origclass; 2550 return ptr; 2551 } 2552 2553 // for dynamic updates 2554 mDNSexport mDNSu8 *putDeletionRecordWithLimit(DNSMessage *msg, mDNSu8 *ptr, ResourceRecord *rr, mDNSu8 *limit) 2555 { 2556 // deletion: specify record w/ TTL 0, class NONE 2557 const mDNSu16 origclass = rr->rrclass; 2558 rr->rrclass = kDNSClass_NONE; 2559 ptr = PutResourceRecordTTLWithLimit(msg, ptr, &msg->h.mDNS_numUpdates, rr, 0, limit); 2560 rr->rrclass = origclass; 2561 return ptr; 2562 } 2563 2564 mDNSexport mDNSu8 *putDeleteRRSetWithLimit(DNSMessage *msg, mDNSu8 *ptr, const domainname *name, mDNSu16 rrtype, mDNSu8 *limit) 2565 { 2566 mDNSu16 class = kDNSQClass_ANY; 2567 2568 ptr = putDomainNameAsLabels(msg, ptr, limit, name); 2569 if (!ptr || ptr + 10 >= limit) return mDNSNULL; // If we're out-of-space, return mDNSNULL 2570 ptr[0] = (mDNSu8)(rrtype >> 8); 2571 ptr[1] = (mDNSu8)(rrtype & 0xFF); 2572 ptr[2] = (mDNSu8)(class >> 8); 2573 ptr[3] = (mDNSu8)(class & 0xFF); 2574 ptr[4] = ptr[5] = ptr[6] = ptr[7] = 0; // zero ttl 2575 ptr[8] = ptr[9] = 0; // zero rdlength/rdata 2576 2577 msg->h.mDNS_numUpdates++; 2578 return ptr + 10; 2579 } 2580 2581 // for dynamic updates 2582 mDNSexport mDNSu8 *putDeleteAllRRSets(DNSMessage *msg, mDNSu8 *ptr, const domainname *name) 2583 { 2584 const mDNSu8 *limit = msg->data + AbsoluteMaxDNSMessageData; 2585 mDNSu16 class = kDNSQClass_ANY; 2586 mDNSu16 rrtype = kDNSQType_ANY; 2587 2588 ptr = putDomainNameAsLabels(msg, ptr, limit, name); 2589 if (!ptr || ptr + 10 >= limit) return mDNSNULL; // If we're out-of-space, return mDNSNULL 2590 ptr[0] = (mDNSu8)(rrtype >> 8); 2591 ptr[1] = (mDNSu8)(rrtype & 0xFF); 2592 ptr[2] = (mDNSu8)(class >> 8); 2593 ptr[3] = (mDNSu8)(class & 0xFF); 2594 ptr[4] = ptr[5] = ptr[6] = ptr[7] = 0; // zero ttl 2595 ptr[8] = ptr[9] = 0; // zero rdlength/rdata 2596 2597 msg->h.mDNS_numUpdates++; 2598 return ptr + 10; 2599 } 2600 2601 // for dynamic updates 2602 mDNSexport mDNSu8 *putUpdateLease(DNSMessage *msg, mDNSu8 *ptr, mDNSu32 lease) 2603 { 2604 AuthRecord rr; 2605 mDNS_SetupResourceRecord(&rr, mDNSNULL, mDNSInterface_Any, kDNSType_OPT, kStandardTTL, kDNSRecordTypeKnownUnique, AuthRecordAny, mDNSNULL, mDNSNULL); 2606 rr.resrec.rrclass = NormalMaxDNSMessageData; 2607 rr.resrec.rdlength = sizeof(rdataOPT); // One option in this OPT record 2608 rr.resrec.rdestimate = sizeof(rdataOPT); 2609 rr.resrec.rdata->u.opt[0].opt = kDNSOpt_Lease; 2610 rr.resrec.rdata->u.opt[0].u.updatelease = lease; 2611 ptr = PutResourceRecordTTLJumbo(msg, ptr, &msg->h.numAdditionals, &rr.resrec, 0); 2612 if (!ptr) { LogMsg("ERROR: putUpdateLease - PutResourceRecordTTL"); return mDNSNULL; } 2613 return ptr; 2614 } 2615 2616 // for dynamic updates 2617 mDNSexport mDNSu8 *putUpdateLeaseWithLimit(DNSMessage *msg, mDNSu8 *ptr, mDNSu32 lease, mDNSu8 *limit) 2618 { 2619 AuthRecord rr; 2620 mDNS_SetupResourceRecord(&rr, mDNSNULL, mDNSInterface_Any, kDNSType_OPT, kStandardTTL, kDNSRecordTypeKnownUnique, AuthRecordAny, mDNSNULL, mDNSNULL); 2621 rr.resrec.rrclass = NormalMaxDNSMessageData; 2622 rr.resrec.rdlength = sizeof(rdataOPT); // One option in this OPT record 2623 rr.resrec.rdestimate = sizeof(rdataOPT); 2624 rr.resrec.rdata->u.opt[0].opt = kDNSOpt_Lease; 2625 rr.resrec.rdata->u.opt[0].u.updatelease = lease; 2626 ptr = PutResourceRecordTTLWithLimit(msg, ptr, &msg->h.numAdditionals, &rr.resrec, 0, limit); 2627 if (!ptr) { LogMsg("ERROR: putUpdateLeaseWithLimit - PutResourceRecordTTLWithLimit"); return mDNSNULL; } 2628 return ptr; 2629 } 2630 2631 mDNSexport mDNSu8 *putDNSSECOption(DNSMessage *msg, mDNSu8 *end, mDNSu8 *limit) 2632 { 2633 AuthRecord rr; 2634 mDNSu32 ttl = 0; 2635 2636 mDNS_SetupResourceRecord(&rr, mDNSNULL, mDNSInterface_Any, kDNSType_OPT, kStandardTTL, kDNSRecordTypeKnownUnique, AuthRecordAny, mDNSNULL, mDNSNULL); 2637 // It is still not clear what the right size is. We will have to fine tune this once we do 2638 // a lot of testing with DNSSEC. 2639 rr.resrec.rrclass = 4096; 2640 rr.resrec.rdlength = 0; 2641 rr.resrec.rdestimate = 0; 2642 // set the DO bit 2643 ttl |= 0x8000; 2644 end = PutResourceRecordTTLWithLimit(msg, end, &msg->h.numAdditionals, &rr.resrec, ttl, limit); 2645 if (!end) { LogMsg("ERROR: putDNSSECOption - PutResourceRecordTTLWithLimit"); return mDNSNULL; } 2646 return end; 2647 } 2648 2649 mDNSexport mDNSu8 *putHINFO(const mDNS *const m, DNSMessage *const msg, mDNSu8 *end, DomainAuthInfo *authInfo, mDNSu8 *limit) 2650 { 2651 if (authInfo && authInfo->AutoTunnel) 2652 { 2653 AuthRecord hinfo; 2654 mDNSu8 *h = hinfo.rdatastorage.u.data; 2655 mDNSu16 len = 2 + m->HIHardware.c[0] + m->HISoftware.c[0]; 2656 mDNSu8 *newptr; 2657 mDNS_SetupResourceRecord(&hinfo, mDNSNULL, mDNSInterface_Any, kDNSType_HINFO, 0, kDNSRecordTypeUnique, AuthRecordAny, mDNSNULL, mDNSNULL); 2658 AppendDomainLabel(&hinfo.namestorage, &m->hostlabel); 2659 AppendDomainName (&hinfo.namestorage, &authInfo->domain); 2660 hinfo.resrec.rroriginalttl = 0; 2661 mDNSPlatformMemCopy(h, &m->HIHardware, 1 + (mDNSu32)m->HIHardware.c[0]); 2662 h += 1 + (int)h[0]; 2663 mDNSPlatformMemCopy(h, &m->HISoftware, 1 + (mDNSu32)m->HISoftware.c[0]); 2664 hinfo.resrec.rdlength = len; 2665 hinfo.resrec.rdestimate = len; 2666 newptr = PutResourceRecordTTLWithLimit(msg, end, &msg->h.numAdditionals, &hinfo.resrec, 0, limit); 2667 return newptr; 2668 } 2669 else 2670 return end; 2671 } 2672 2673 // *************************************************************************** 2674 #if COMPILER_LIKES_PRAGMA_MARK 2675 #pragma mark - 2676 #pragma mark - DNS Message Parsing Functions 2677 #endif 2678 2679 mDNSexport mDNSu32 DomainNameHashValue(const domainname *const name) 2680 { 2681 mDNSu32 sum = 0; 2682 const mDNSu8 *c; 2683 2684 for (c = name->c; c[0] != 0 && c[1] != 0; c += 2) 2685 { 2686 sum += ((mDNSIsUpperCase(c[0]) ? c[0] + 'a' - 'A' : c[0]) << 8) | 2687 (mDNSIsUpperCase(c[1]) ? c[1] + 'a' - 'A' : c[1]); 2688 sum = (sum<<3) | (sum>>29); 2689 } 2690 if (c[0]) sum += ((mDNSIsUpperCase(c[0]) ? c[0] + 'a' - 'A' : c[0]) << 8); 2691 return(sum); 2692 } 2693 2694 mDNSexport void SetNewRData(ResourceRecord *const rr, RData *NewRData, mDNSu16 rdlength) 2695 { 2696 domainname *target; 2697 if (NewRData) 2698 { 2699 rr->rdata = NewRData; 2700 rr->rdlength = rdlength; 2701 } 2702 // Must not try to get target pointer until after updating rr->rdata 2703 target = GetRRDomainNameTarget(rr); 2704 rr->rdlength = GetRDLength(rr, mDNSfalse); 2705 rr->rdestimate = GetRDLength(rr, mDNStrue); 2706 rr->rdatahash = target ? DomainNameHashValue(target) : RDataHashValue(rr); 2707 } 2708 2709 mDNSexport const mDNSu8 *skipDomainName(const DNSMessage *const msg, const mDNSu8 *ptr, const mDNSu8 *const end) 2710 { 2711 mDNSu16 total = 0; 2712 2713 if (ptr < (mDNSu8*)msg || ptr >= end) 2714 { debugf("skipDomainName: Illegal ptr not within packet boundaries"); return(mDNSNULL); } 2715 2716 while (1) // Read sequence of labels 2717 { 2718 const mDNSu8 len = *ptr++; // Read length of this label 2719 if (len == 0) return(ptr); // If length is zero, that means this name is complete 2720 switch (len & 0xC0) 2721 { 2722 case 0x00: if (ptr + len >= end) // Remember: expect at least one more byte for the root label 2723 { debugf("skipDomainName: Malformed domain name (overruns packet end)"); return(mDNSNULL); } 2724 if (total + 1 + len >= MAX_DOMAIN_NAME) // Remember: expect at least one more byte for the root label 2725 { debugf("skipDomainName: Malformed domain name (more than 256 characters)"); return(mDNSNULL); } 2726 ptr += len; 2727 total += 1 + len; 2728 break; 2729 2730 case 0x40: debugf("skipDomainName: Extended EDNS0 label types 0x%X not supported", len); return(mDNSNULL); 2731 case 0x80: debugf("skipDomainName: Illegal label length 0x%X", len); return(mDNSNULL); 2732 case 0xC0: return(ptr+1); 2733 } 2734 } 2735 } 2736 2737 // Routine to fetch an FQDN from the DNS message, following compression pointers if necessary. 2738 mDNSexport const mDNSu8 *getDomainName(const DNSMessage *const msg, const mDNSu8 *ptr, const mDNSu8 *const end, 2739 domainname *const name) 2740 { 2741 const mDNSu8 *nextbyte = mDNSNULL; // Record where we got to before we started following pointers 2742 mDNSu8 *np = name->c; // Name pointer 2743 const mDNSu8 *const limit = np + MAX_DOMAIN_NAME; // Limit so we don't overrun buffer 2744 2745 if (ptr < (mDNSu8*)msg || ptr >= end) 2746 { debugf("getDomainName: Illegal ptr not within packet boundaries"); return(mDNSNULL); } 2747 2748 *np = 0; // Tentatively place the root label here (may be overwritten if we have more labels) 2749 2750 while (1) // Read sequence of labels 2751 { 2752 int i; 2753 mDNSu16 offset; 2754 const mDNSu8 len = *ptr++; // Read length of this label 2755 if (len == 0) break; // If length is zero, that means this name is complete 2756 switch (len & 0xC0) 2757 { 2758 2759 case 0x00: if (ptr + len >= end) // Remember: expect at least one more byte for the root label 2760 { debugf("getDomainName: Malformed domain name (overruns packet end)"); return(mDNSNULL); } 2761 if (np + 1 + len >= limit) // Remember: expect at least one more byte for the root label 2762 { debugf("getDomainName: Malformed domain name (more than 256 characters)"); return(mDNSNULL); } 2763 *np++ = len; 2764 for (i=0; i<len; i++) *np++ = *ptr++; 2765 *np = 0; // Tentatively place the root label here (may be overwritten if we have more labels) 2766 break; 2767 2768 case 0x40: debugf("getDomainName: Extended EDNS0 label types 0x%X not supported in name %##s", len, name->c); 2769 return(mDNSNULL); 2770 2771 case 0x80: debugf("getDomainName: Illegal label length 0x%X in domain name %##s", len, name->c); return(mDNSNULL); 2772 2773 case 0xC0: if (ptr >= end) 2774 { debugf("getDomainName: Malformed compression label (overruns packet end)"); return(mDNSNULL); } 2775 offset = (mDNSu16)((((mDNSu16)(len & 0x3F)) << 8) | *ptr++); 2776 if (!nextbyte) nextbyte = ptr; // Record where we got to before we started following pointers 2777 ptr = (mDNSu8 *)msg + offset; 2778 if (ptr < (mDNSu8*)msg || ptr >= end) 2779 { debugf("getDomainName: Illegal compression pointer not within packet boundaries"); return(mDNSNULL); } 2780 if (*ptr & 0xC0) 2781 { debugf("getDomainName: Compression pointer must point to real label"); return(mDNSNULL); } 2782 break; 2783 } 2784 } 2785 2786 if (nextbyte) return(nextbyte); 2787 else return(ptr); 2788 } 2789 2790 mDNSexport const mDNSu8 *skipResourceRecord(const DNSMessage *msg, const mDNSu8 *ptr, const mDNSu8 *end) 2791 { 2792 mDNSu16 pktrdlength; 2793 2794 ptr = skipDomainName(msg, ptr, end); 2795 if (!ptr) { debugf("skipResourceRecord: Malformed RR name"); return(mDNSNULL); } 2796 2797 if (ptr + 10 > end) { debugf("skipResourceRecord: Malformed RR -- no type/class/ttl/len!"); return(mDNSNULL); } 2798 pktrdlength = (mDNSu16)((mDNSu16)ptr[8] << 8 | ptr[9]); 2799 ptr += 10; 2800 if (ptr + pktrdlength > end) { debugf("skipResourceRecord: RDATA exceeds end of packet"); return(mDNSNULL); } 2801 2802 return(ptr + pktrdlength); 2803 } 2804 2805 // Sanity check whether the NSEC/NSEC3 bitmap is good 2806 mDNSlocal mDNSu8 *SanityCheckBitMap(const mDNSu8 *bmap, const mDNSu8 *end, int len) 2807 { 2808 int win, wlen; 2809 2810 while (bmap < end) 2811 { 2812 if (len < 3) 2813 { 2814 LogInfo("SanityCheckBitMap: invalid length %d", len); 2815 return mDNSNULL; 2816 } 2817 2818 win = *bmap++; 2819 wlen = *bmap++; 2820 len -= 2; 2821 if (len < wlen || wlen < 1 || wlen > 32) 2822 { 2823 LogInfo("SanityCheckBitMap: invalid window length %d", wlen); 2824 return mDNSNULL; 2825 } 2826 if (win < 0 || win >= 256) 2827 { 2828 LogInfo("SanityCheckBitMap: invalid window %d", win); 2829 return mDNSNULL; 2830 } 2831 2832 bmap += wlen; 2833 len -= wlen; 2834 } 2835 return (mDNSu8 *)bmap; 2836 } 2837 2838 // This function is called with "msg" when we receive a DNS message and needs to parse a single resource record 2839 // pointed to by "ptr". Some resource records like SOA, SRV are converted to host order and also expanded 2840 // (domainnames are expanded to 255 bytes) when stored in memory. 2841 // 2842 // This function can also be called with "NULL" msg to parse a single resource record pointed to by ptr. 2843 // The caller can do this only if the names in the resource records are not compressed and validity of the 2844 // resource record has already been done before. DNSSEC currently uses it this way. 2845 mDNSexport mDNSBool SetRData(const DNSMessage *const msg, const mDNSu8 *ptr, const mDNSu8 *end, 2846 LargeCacheRecord *const largecr, mDNSu16 rdlength) 2847 { 2848 CacheRecord *const rr = &largecr->r; 2849 RDataBody2 *const rdb = (RDataBody2 *)rr->smallrdatastorage.data; 2850 2851 switch (rr->resrec.rrtype) 2852 { 2853 case kDNSType_A: 2854 if (rdlength != sizeof(mDNSv4Addr)) 2855 goto fail; 2856 rdb->ipv4.b[0] = ptr[0]; 2857 rdb->ipv4.b[1] = ptr[1]; 2858 rdb->ipv4.b[2] = ptr[2]; 2859 rdb->ipv4.b[3] = ptr[3]; 2860 break; 2861 2862 case kDNSType_NS: 2863 case kDNSType_MD: 2864 case kDNSType_MF: 2865 case kDNSType_CNAME: 2866 case kDNSType_MB: 2867 case kDNSType_MG: 2868 case kDNSType_MR: 2869 case kDNSType_PTR: 2870 case kDNSType_NSAP_PTR: 2871 case kDNSType_DNAME: 2872 if (msg) 2873 { 2874 ptr = getDomainName(msg, ptr, end, &rdb->name); 2875 } 2876 else 2877 { 2878 AssignDomainName(&rdb->name, (domainname *)ptr); 2879 ptr += DomainNameLength(&rdb->name); 2880 } 2881 if (ptr != end) 2882 { 2883 debugf("SetRData: Malformed CNAME/PTR RDATA name"); 2884 goto fail; 2885 } 2886 break; 2887 2888 case kDNSType_SOA: 2889 if (msg) 2890 { 2891 ptr = getDomainName(msg, ptr, end, &rdb->soa.mname); 2892 } 2893 else 2894 { 2895 AssignDomainName(&rdb->soa.mname, (domainname *)ptr); 2896 ptr += DomainNameLength(&rdb->soa.mname); 2897 } 2898 if (!ptr) 2899 { 2900 debugf("SetRData: Malformed SOA RDATA mname"); 2901 goto fail; 2902 } 2903 if (msg) 2904 { 2905 ptr = getDomainName(msg, ptr, end, &rdb->soa.rname); 2906 } 2907 else 2908 { 2909 AssignDomainName(&rdb->soa.rname, (domainname *)ptr); 2910 ptr += DomainNameLength(&rdb->soa.rname); 2911 } 2912 if (!ptr) 2913 { 2914 debugf("SetRData: Malformed SOA RDATA rname"); 2915 goto fail; 2916 } 2917 if (ptr + 0x14 != end) 2918 { 2919 debugf("SetRData: Malformed SOA RDATA"); 2920 goto fail; 2921 } 2922 rdb->soa.serial = (mDNSs32) ((mDNSs32)ptr[0x00] << 24 | (mDNSs32)ptr[0x01] << 16 | (mDNSs32)ptr[0x02] << 8 | ptr[0x03]); 2923 rdb->soa.refresh = (mDNSu32) ((mDNSu32)ptr[0x04] << 24 | (mDNSu32)ptr[0x05] << 16 | (mDNSu32)ptr[0x06] << 8 | ptr[0x07]); 2924 rdb->soa.retry = (mDNSu32) ((mDNSu32)ptr[0x08] << 24 | (mDNSu32)ptr[0x09] << 16 | (mDNSu32)ptr[0x0A] << 8 | ptr[0x0B]); 2925 rdb->soa.expire = (mDNSu32) ((mDNSu32)ptr[0x0C] << 24 | (mDNSu32)ptr[0x0D] << 16 | (mDNSu32)ptr[0x0E] << 8 | ptr[0x0F]); 2926 rdb->soa.min = (mDNSu32) ((mDNSu32)ptr[0x10] << 24 | (mDNSu32)ptr[0x11] << 16 | (mDNSu32)ptr[0x12] << 8 | ptr[0x13]); 2927 break; 2928 2929 case kDNSType_NULL: 2930 case kDNSType_HINFO: 2931 case kDNSType_TXT: 2932 case kDNSType_X25: 2933 case kDNSType_ISDN: 2934 case kDNSType_LOC: 2935 case kDNSType_DHCID: 2936 rr->resrec.rdlength = rdlength; 2937 mDNSPlatformMemCopy(rdb->data, ptr, rdlength); 2938 break; 2939 2940 case kDNSType_MX: 2941 case kDNSType_AFSDB: 2942 case kDNSType_RT: 2943 case kDNSType_KX: 2944 // Preference + domainname 2945 if (rdlength < 3) 2946 goto fail; 2947 rdb->mx.preference = (mDNSu16)((mDNSu16)ptr[0] << 8 | ptr[1]); 2948 ptr += 2; 2949 if (msg) 2950 { 2951 ptr = getDomainName(msg, ptr, end, &rdb->mx.exchange); 2952 } 2953 else 2954 { 2955 AssignDomainName(&rdb->mx.exchange, (domainname *)ptr); 2956 ptr += DomainNameLength(&rdb->mx.exchange); 2957 } 2958 if (ptr != end) 2959 { 2960 debugf("SetRData: Malformed MX name"); 2961 goto fail; 2962 } 2963 break; 2964 2965 case kDNSType_MINFO: 2966 case kDNSType_RP: 2967 // Domainname + domainname 2968 if (msg) 2969 { 2970 ptr = getDomainName(msg, ptr, end, &rdb->rp.mbox); 2971 } 2972 else 2973 { 2974 AssignDomainName(&rdb->rp.mbox, (domainname *)ptr); 2975 ptr += DomainNameLength(&rdb->rp.mbox); 2976 } 2977 if (!ptr) 2978 { 2979 debugf("SetRData: Malformed RP mbox"); 2980 goto fail; 2981 } 2982 if (msg) 2983 { 2984 ptr = getDomainName(msg, ptr, end, &rdb->rp.txt); 2985 } 2986 else 2987 { 2988 AssignDomainName(&rdb->rp.txt, (domainname *)ptr); 2989 ptr += DomainNameLength(&rdb->rp.txt); 2990 } 2991 if (ptr != end) 2992 { 2993 debugf("SetRData: Malformed RP txt"); 2994 goto fail; 2995 } 2996 break; 2997 2998 case kDNSType_PX: 2999 // Preference + domainname + domainname 3000 if (rdlength < 4) 3001 goto fail; 3002 rdb->px.preference = (mDNSu16)((mDNSu16)ptr[0] << 8 | ptr[1]); 3003 ptr += 2; 3004 if (msg) 3005 { 3006 ptr = getDomainName(msg, ptr, end, &rdb->px.map822); 3007 } 3008 else 3009 { 3010 AssignDomainName(&rdb->px.map822, (domainname *)ptr); 3011 ptr += DomainNameLength(&rdb->px.map822); 3012 } 3013 if (!ptr) 3014 { 3015 debugf("SetRData: Malformed PX map822"); 3016 goto fail; 3017 } 3018 if (msg) 3019 { 3020 ptr = getDomainName(msg, ptr, end, &rdb->px.mapx400); 3021 } 3022 else 3023 { 3024 AssignDomainName(&rdb->px.mapx400, (domainname *)ptr); 3025 ptr += DomainNameLength(&rdb->px.mapx400); 3026 } 3027 if (ptr != end) 3028 { 3029 debugf("SetRData: Malformed PX mapx400"); 3030 goto fail; 3031 } 3032 break; 3033 3034 case kDNSType_AAAA: 3035 if (rdlength != sizeof(mDNSv6Addr)) 3036 goto fail; 3037 mDNSPlatformMemCopy(&rdb->ipv6, ptr, sizeof(rdb->ipv6)); 3038 break; 3039 3040 case kDNSType_SRV: 3041 // Priority + weight + port + domainname 3042 if (rdlength < 7) 3043 goto fail; 3044 rdb->srv.priority = (mDNSu16)((mDNSu16)ptr[0] << 8 | ptr[1]); 3045 rdb->srv.weight = (mDNSu16)((mDNSu16)ptr[2] << 8 | ptr[3]); 3046 rdb->srv.port.b[0] = ptr[4]; 3047 rdb->srv.port.b[1] = ptr[5]; 3048 ptr += 6; 3049 if (msg) 3050 { 3051 ptr = getDomainName(msg, ptr, end, &rdb->srv.target); 3052 } 3053 else 3054 { 3055 AssignDomainName(&rdb->srv.target, (domainname *)ptr); 3056 ptr += DomainNameLength(&rdb->srv.target); 3057 } 3058 if (ptr != end) 3059 { 3060 debugf("SetRData: Malformed SRV RDATA name"); 3061 goto fail; 3062 } 3063 break; 3064 3065 case kDNSType_NAPTR: 3066 { 3067 int savelen, len; 3068 domainname name; 3069 const mDNSu8 *orig = ptr; 3070 3071 // Make sure the data is parseable and within the limits. DNSSEC code looks at 3072 // the domain name in the end for a valid domainname. 3073 // 3074 // Fixed length: Order, preference (4 bytes) 3075 // Variable length: flags, service, regexp, domainname 3076 3077 if (rdlength < 8) 3078 goto fail; 3079 // Order, preference. 3080 ptr += 4; 3081 // Parse flags, Service and Regexp 3082 // length in the first byte does not include the length byte itself 3083 len = *ptr + 1; 3084 ptr += len; 3085 if (ptr >= end) 3086 { 3087 LogInfo("SetRData: Malformed NAPTR flags"); 3088 goto fail; 3089 } 3090 3091 // Service 3092 len = *ptr + 1; 3093 ptr += len; 3094 if (ptr >= end) 3095 { 3096 LogInfo("SetRData: Malformed NAPTR service"); 3097 goto fail; 3098 } 3099 3100 // Regexp 3101 len = *ptr + 1; 3102 ptr += len; 3103 if (ptr >= end) 3104 { 3105 LogInfo("SetRData: Malformed NAPTR regexp"); 3106 goto fail; 3107 } 3108 3109 savelen = ptr - orig; 3110 3111 // RFC 2915 states that name compression is not allowed for this field. But RFC 3597 3112 // states that for NAPTR we should decompress. We make sure that we store the full 3113 // name rather than the compressed name 3114 if (msg) 3115 { 3116 ptr = getDomainName(msg, ptr, end, &name); 3117 } 3118 else 3119 { 3120 AssignDomainName(&name, (domainname *)ptr); 3121 ptr += DomainNameLength(&name); 3122 } 3123 if (ptr != end) 3124 { 3125 LogInfo("SetRData: Malformed NAPTR RDATA name"); 3126 goto fail; 3127 } 3128 3129 rr->resrec.rdlength = savelen + DomainNameLength(&name); 3130 // The uncompressed size should not exceed the limits 3131 if (rr->resrec.rdlength > MaximumRDSize) 3132 { 3133 LogInfo("SetRData: Malformed NAPTR rdlength %d, rr->resrec.rdlength %d, " 3134 "bmaplen %d, name %##s", rdlength, rr->resrec.rdlength, name.c); 3135 goto fail; 3136 } 3137 mDNSPlatformMemCopy(rdb->data, orig, savelen); 3138 AssignDomainName((domainname *)(rdb->data + savelen), &name); 3139 break; 3140 } 3141 case kDNSType_OPT: { 3142 mDNSu8 *dataend = rr->resrec.rdata->u.data; 3143 rdataOPT *opt = rr->resrec.rdata->u.opt; 3144 rr->resrec.rdlength = 0; 3145 while (ptr < end && (mDNSu8 *)(opt+1) < &dataend[MaximumRDSize]) 3146 { 3147 const rdataOPT *const currentopt = opt; 3148 if (ptr + 4 > end) { LogInfo("SetRData: OPT RDATA ptr + 4 > end"); goto fail; } 3149 opt->opt = (mDNSu16)((mDNSu16)ptr[0] << 8 | ptr[1]); 3150 opt->optlen = (mDNSu16)((mDNSu16)ptr[2] << 8 | ptr[3]); 3151 ptr += 4; 3152 if (ptr + opt->optlen > end) { LogInfo("SetRData: ptr + opt->optlen > end"); goto fail; } 3153 switch (opt->opt) 3154 { 3155 case kDNSOpt_LLQ: 3156 if (opt->optlen == DNSOpt_LLQData_Space - 4) 3157 { 3158 opt->u.llq.vers = (mDNSu16)((mDNSu16)ptr[0] << 8 | ptr[1]); 3159 opt->u.llq.llqOp = (mDNSu16)((mDNSu16)ptr[2] << 8 | ptr[3]); 3160 opt->u.llq.err = (mDNSu16)((mDNSu16)ptr[4] << 8 | ptr[5]); 3161 mDNSPlatformMemCopy(opt->u.llq.id.b, ptr+6, 8); 3162 opt->u.llq.llqlease = (mDNSu32) ((mDNSu32)ptr[14] << 24 | (mDNSu32)ptr[15] << 16 | (mDNSu32)ptr[16] << 8 | ptr[17]); 3163 if (opt->u.llq.llqlease > 0x70000000UL / mDNSPlatformOneSecond) 3164 opt->u.llq.llqlease = 0x70000000UL / mDNSPlatformOneSecond; 3165 opt++; 3166 } 3167 break; 3168 case kDNSOpt_Lease: 3169 if (opt->optlen == DNSOpt_LeaseData_Space - 4) 3170 { 3171 opt->u.updatelease = (mDNSu32) ((mDNSu32)ptr[0] << 24 | (mDNSu32)ptr[1] << 16 | (mDNSu32)ptr[2] << 8 | ptr[3]); 3172 if (opt->u.updatelease > 0x70000000UL / mDNSPlatformOneSecond) 3173 opt->u.updatelease = 0x70000000UL / mDNSPlatformOneSecond; 3174 opt++; 3175 } 3176 break; 3177 case kDNSOpt_Owner: 3178 if (ValidOwnerLength(opt->optlen)) 3179 { 3180 opt->u.owner.vers = ptr[0]; 3181 opt->u.owner.seq = ptr[1]; 3182 mDNSPlatformMemCopy(opt->u.owner.HMAC.b, ptr+2, 6); // 6-byte MAC address 3183 mDNSPlatformMemCopy(opt->u.owner.IMAC.b, ptr+2, 6); // 6-byte MAC address 3184 opt->u.owner.password = zeroEthAddr; 3185 if (opt->optlen >= DNSOpt_OwnerData_ID_Wake_Space-4) 3186 { 3187 mDNSPlatformMemCopy(opt->u.owner.IMAC.b, ptr+8, 6); // 6-byte MAC address 3188 // This mDNSPlatformMemCopy is safe because the ValidOwnerLength(opt->optlen) check above 3189 // ensures that opt->optlen is no more than DNSOpt_OwnerData_ID_Wake_PW6_Space - 4 3190 if (opt->optlen > DNSOpt_OwnerData_ID_Wake_Space-4) 3191 mDNSPlatformMemCopy(opt->u.owner.password.b, ptr+14, opt->optlen - (DNSOpt_OwnerData_ID_Wake_Space-4)); 3192 } 3193 opt++; 3194 } 3195 break; 3196 case kDNSOpt_Trace: 3197 if (opt->optlen == DNSOpt_TraceData_Space - 4) 3198 { 3199 opt->u.tracer.platf = ptr[0]; 3200 opt->u.tracer.mDNSv = (mDNSu32) ((mDNSu32)ptr[1] << 24 | (mDNSu32)ptr[2] << 16 | (mDNSu32)ptr[3] << 8 | ptr[4]); 3201 opt++; 3202 } 3203 else 3204 { 3205 opt->u.tracer.platf = 0xFF; 3206 opt->u.tracer.mDNSv = 0xFFFFFFFF; 3207 opt++; 3208 } 3209 break; 3210 } 3211 ptr += currentopt->optlen; 3212 } 3213 rr->resrec.rdlength = (mDNSu16)((mDNSu8*)opt - rr->resrec.rdata->u.data); 3214 if (ptr != end) { LogInfo("SetRData: Malformed OptRdata"); goto fail; } 3215 break; 3216 } 3217 3218 case kDNSType_NSEC: { 3219 domainname name; 3220 int len = rdlength; 3221 int bmaplen, dlen; 3222 const mDNSu8 *orig = ptr; 3223 const mDNSu8 *bmap; 3224 3225 if (msg) 3226 { 3227 ptr = getDomainName(msg, ptr, end, &name); 3228 } 3229 else 3230 { 3231 AssignDomainName(&name, (domainname *)ptr); 3232 ptr += DomainNameLength(&name); 3233 } 3234 if (!ptr) 3235 { 3236 LogInfo("SetRData: Malformed NSEC nextname"); 3237 goto fail; 3238 } 3239 3240 dlen = DomainNameLength(&name); 3241 3242 // Multicast NSECs use name compression for this field unlike the unicast case which 3243 // does not use compression. And multicast case always succeeds in compression. So, 3244 // the rdlength includes only the compressed space in that case. So, can't 3245 // use the DomainNameLength of name to reduce the length here. 3246 len -= (ptr - orig); 3247 bmaplen = len; // Save the length of the bitmap 3248 bmap = ptr; 3249 ptr = SanityCheckBitMap(bmap, end, len); 3250 if (!ptr) 3251 goto fail; 3252 if (ptr != end) 3253 { 3254 LogInfo("SetRData: Malformed NSEC length not right"); 3255 goto fail; 3256 } 3257 3258 // Initialize the right length here. When we call SetNewRData below which in turn calls 3259 // GetRDLength and for NSEC case, it assumes that rdlength is intitialized 3260 rr->resrec.rdlength = DomainNameLength(&name) + bmaplen; 3261 3262 // Do we have space after the name expansion ? 3263 if (rr->resrec.rdlength > MaximumRDSize) 3264 { 3265 LogInfo("SetRData: Malformed NSEC rdlength %d, rr->resrec.rdlength %d, " 3266 "bmaplen %d, name %##s", rdlength, rr->resrec.rdlength, name.c); 3267 goto fail; 3268 } 3269 AssignDomainName((domainname *)rdb->data, &name); 3270 mDNSPlatformMemCopy(rdb->data + dlen, bmap, bmaplen); 3271 break; 3272 } 3273 case kDNSType_NSEC3: 3274 { 3275 rdataNSEC3 *nsec3 = (rdataNSEC3 *)ptr; 3276 mDNSu8 *p = (mDNSu8 *)&nsec3->salt; 3277 int hashLength, bitmaplen; 3278 3279 if (rdlength < NSEC3_FIXED_SIZE + 1) 3280 { 3281 LogInfo("SetRData: NSEC3 too small length %d", rdlength); 3282 goto fail; 3283 } 3284 if (nsec3->alg != SHA1_DIGEST_TYPE) 3285 { 3286 LogInfo("SetRData: nsec3 alg %d not supported", nsec3->alg); 3287 goto fail; 3288 } 3289 if (swap16(nsec3->iterations) > NSEC3_MAX_ITERATIONS) 3290 { 3291 LogInfo("SetRData: nsec3 iteration count %d too big", swap16(nsec3->iterations)); 3292 goto fail; 3293 } 3294 p += nsec3->saltLength; 3295 // There should at least be one byte beyond saltLength 3296 if (p >= end) 3297 { 3298 LogInfo("SetRData: nsec3 too small, at saltlength %d, p %p, end %p", nsec3->saltLength, p, end); 3299 goto fail; 3300 } 3301 // p is pointing at hashLength 3302 hashLength = (int)*p++; 3303 if (!hashLength) 3304 { 3305 LogInfo("SetRData: hashLength zero"); 3306 goto fail; 3307 } 3308 p += hashLength; 3309 if (p > end) 3310 { 3311 LogInfo("SetRData: nsec3 too small, at hashLength %d, p %p, end %p", hashLength, p, end); 3312 goto fail; 3313 } 3314 3315 bitmaplen = rdlength - (int)(p - ptr); 3316 p = SanityCheckBitMap(p, end, bitmaplen); 3317 if (!p) 3318 goto fail; 3319 rr->resrec.rdlength = rdlength; 3320 mDNSPlatformMemCopy(rdb->data, ptr, rdlength); 3321 break; 3322 } 3323 case kDNSType_TKEY: 3324 case kDNSType_TSIG: 3325 { 3326 domainname name; 3327 int dlen, rlen; 3328 3329 // The name should not be compressed. But we take the conservative approach 3330 // and uncompress the name before we store it. 3331 if (msg) 3332 { 3333 ptr = getDomainName(msg, ptr, end, &name); 3334 } 3335 else 3336 { 3337 AssignDomainName(&name, (domainname *)ptr); 3338 ptr += DomainNameLength(&name); 3339 } 3340 if (!ptr || ptr >= end) 3341 { 3342 LogInfo("SetRData: Malformed name for TSIG/TKEY type %d", rr->resrec.rrtype); 3343 goto fail; 3344 } 3345 dlen = DomainNameLength(&name); 3346 rlen = end - ptr; 3347 rr->resrec.rdlength = dlen + rlen; 3348 if (rr->resrec.rdlength > MaximumRDSize) 3349 { 3350 LogInfo("SetRData: Malformed TSIG/TKEY rdlength %d, rr->resrec.rdlength %d, " 3351 "bmaplen %d, name %##s", rdlength, rr->resrec.rdlength, name.c); 3352 goto fail; 3353 } 3354 AssignDomainName((domainname *)rdb->data, &name); 3355 mDNSPlatformMemCopy(rdb->data + dlen, ptr, rlen); 3356 break; 3357 } 3358 case kDNSType_RRSIG: 3359 { 3360 const mDNSu8 *sig = ptr + RRSIG_FIXED_SIZE; 3361 const mDNSu8 *orig = sig; 3362 domainname name; 3363 if (rdlength < RRSIG_FIXED_SIZE + 1) 3364 { 3365 LogInfo("SetRData: RRSIG too small length %d", rdlength); 3366 goto fail; 3367 } 3368 if (msg) 3369 { 3370 sig = getDomainName(msg, sig, end, &name); 3371 } 3372 else 3373 { 3374 AssignDomainName(&name, (domainname *)sig); 3375 sig += DomainNameLength(&name); 3376 } 3377 if (!sig) 3378 { 3379 LogInfo("SetRData: Malformed RRSIG record"); 3380 goto fail; 3381 } 3382 3383 if ((sig - orig) != DomainNameLength(&name)) 3384 { 3385 LogInfo("SetRData: Malformed RRSIG record, signer name compression"); 3386 goto fail; 3387 } 3388 // Just ensure that we have at least one byte of the signature 3389 if (sig + 1 >= end) 3390 { 3391 LogInfo("SetRData: Not enough bytes for signature type %d", rr->resrec.rrtype); 3392 goto fail; 3393 } 3394 rr->resrec.rdlength = rdlength; 3395 mDNSPlatformMemCopy(rdb->data, ptr, rdlength); 3396 break; 3397 } 3398 case kDNSType_DNSKEY: 3399 { 3400 if (rdlength < DNSKEY_FIXED_SIZE + 1) 3401 { 3402 LogInfo("SetRData: DNSKEY too small length %d", rdlength); 3403 goto fail; 3404 } 3405 rr->resrec.rdlength = rdlength; 3406 mDNSPlatformMemCopy(rdb->data, ptr, rdlength); 3407 break; 3408 } 3409 case kDNSType_DS: 3410 { 3411 if (rdlength < DS_FIXED_SIZE + 1) 3412 { 3413 LogInfo("SetRData: DS too small length %d", rdlength); 3414 goto fail; 3415 } 3416 rr->resrec.rdlength = rdlength; 3417 mDNSPlatformMemCopy(rdb->data, ptr, rdlength); 3418 break; 3419 } 3420 default: 3421 debugf("SetRData: Warning! Reading resource type %d (%s) as opaque data", 3422 rr->resrec.rrtype, DNSTypeName(rr->resrec.rrtype)); 3423 // Note: Just because we don't understand the record type, that doesn't 3424 // mean we fail. The DNS protocol specifies rdlength, so we can 3425 // safely skip over unknown records and ignore them. 3426 // We also grab a binary copy of the rdata anyway, since the caller 3427 // might know how to interpret it even if we don't. 3428 rr->resrec.rdlength = rdlength; 3429 mDNSPlatformMemCopy(rdb->data, ptr, rdlength); 3430 break; 3431 } 3432 return mDNStrue; 3433 fail: 3434 return mDNSfalse; 3435 } 3436 3437 mDNSexport const mDNSu8 *GetLargeResourceRecord(mDNS *const m, const DNSMessage *const msg, const mDNSu8 *ptr, 3438 const mDNSu8 *end, const mDNSInterfaceID InterfaceID, mDNSu8 RecordType, LargeCacheRecord *const largecr) 3439 { 3440 CacheRecord *const rr = &largecr->r; 3441 mDNSu16 pktrdlength; 3442 3443 if (largecr == &m->rec && m->rec.r.resrec.RecordType) 3444 LogFatalError("GetLargeResourceRecord: m->rec appears to be already in use for %s", CRDisplayString(m, &m->rec.r)); 3445 3446 rr->next = mDNSNULL; 3447 rr->resrec.name = &largecr->namestorage; 3448 3449 rr->NextInKAList = mDNSNULL; 3450 rr->TimeRcvd = m ? m->timenow : 0; 3451 rr->DelayDelivery = 0; 3452 rr->NextRequiredQuery = m ? m->timenow : 0; // Will be updated to the real value when we call SetNextCacheCheckTimeForRecord() 3453 rr->CRActiveQuestion = mDNSNULL; 3454 rr->UnansweredQueries = 0; 3455 rr->LastUnansweredTime= 0; 3456 rr->NextInCFList = mDNSNULL; 3457 3458 rr->resrec.InterfaceID = InterfaceID; 3459 rr->resrec.rDNSServer = mDNSNULL; 3460 3461 ptr = getDomainName(msg, ptr, end, &largecr->namestorage); // Will bail out correctly if ptr is NULL 3462 if (!ptr) { debugf("GetLargeResourceRecord: Malformed RR name"); return(mDNSNULL); } 3463 rr->resrec.namehash = DomainNameHashValue(rr->resrec.name); 3464 3465 if (ptr + 10 > end) { debugf("GetLargeResourceRecord: Malformed RR -- no type/class/ttl/len!"); return(mDNSNULL); } 3466 3467 rr->resrec.rrtype = (mDNSu16) ((mDNSu16)ptr[0] << 8 | ptr[1]); 3468 rr->resrec.rrclass = (mDNSu16)(((mDNSu16)ptr[2] << 8 | ptr[3]) & kDNSClass_Mask); 3469 rr->resrec.rroriginalttl = (mDNSu32) ((mDNSu32)ptr[4] << 24 | (mDNSu32)ptr[5] << 16 | (mDNSu32)ptr[6] << 8 | ptr[7]); 3470 if (rr->resrec.rroriginalttl > mDNSMaximumTTLSeconds && (mDNSs32)rr->resrec.rroriginalttl != -1) 3471 rr->resrec.rroriginalttl = mDNSMaximumTTLSeconds; 3472 // Note: We don't have to adjust m->NextCacheCheck here -- this is just getting a record into memory for 3473 // us to look at. If we decide to copy it into the cache, then we'll update m->NextCacheCheck accordingly. 3474 pktrdlength = (mDNSu16)((mDNSu16)ptr[8] << 8 | ptr[9]); 3475 3476 // If mDNS record has cache-flush bit set, we mark it unique 3477 // For uDNS records, all are implicitly deemed unique (a single DNS server is always authoritative for the entire RRSet) 3478 if (ptr[2] & (kDNSClass_UniqueRRSet >> 8) || !InterfaceID) 3479 RecordType |= kDNSRecordTypePacketUniqueMask; 3480 ptr += 10; 3481 if (ptr + pktrdlength > end) { debugf("GetLargeResourceRecord: RDATA exceeds end of packet"); return(mDNSNULL); } 3482 end = ptr + pktrdlength; // Adjust end to indicate the end of the rdata for this resource record 3483 3484 rr->resrec.rdata = (RData*)&rr->smallrdatastorage; 3485 rr->resrec.rdata->MaxRDLength = MaximumRDSize; 3486 3487 if (pktrdlength > MaximumRDSize) 3488 { 3489 LogInfo("GetLargeResourceRecord: %s rdata size (%d) exceeds storage (%d)", 3490 DNSTypeName(rr->resrec.rrtype), pktrdlength, rr->resrec.rdata->MaxRDLength); 3491 goto fail; 3492 } 3493 3494 if (!RecordType) LogMsg("GetLargeResourceRecord: No RecordType for %##s", rr->resrec.name->c); 3495 3496 // IMPORTANT: Any record type we understand and unpack into a structure containing domainnames needs to have corresponding 3497 // cases in SameRDataBody() and RDataHashValue() to do a semantic comparison (or checksum) of the structure instead of a blind 3498 // bitwise memory compare (or sum). This is because a domainname is a fixed size structure holding variable-length data. 3499 // Any bytes past the logical end of the name are undefined, and a blind bitwise memory compare may indicate that 3500 // two domainnames are different when semantically they are the same name and it's only the unused bytes that differ. 3501 if (rr->resrec.rrclass == kDNSQClass_ANY && pktrdlength == 0) // Used in update packets to mean "Delete An RRset" (RFC 2136) 3502 rr->resrec.rdlength = 0; 3503 else if (!SetRData(msg, ptr, end, largecr, pktrdlength)) 3504 goto fail; 3505 3506 SetNewRData(&rr->resrec, mDNSNULL, 0); // Sets rdlength, rdestimate, rdatahash for us 3507 3508 // Success! Now fill in RecordType to show this record contains valid data 3509 rr->resrec.RecordType = RecordType; 3510 return(end); 3511 3512 fail: 3513 // If we were unable to parse the rdata in this record, we indicate that by 3514 // returing a 'kDNSRecordTypePacketNegative' record with rdlength set to zero 3515 rr->resrec.RecordType = kDNSRecordTypePacketNegative; 3516 rr->resrec.rdlength = 0; 3517 rr->resrec.rdestimate = 0; 3518 rr->resrec.rdatahash = 0; 3519 return(end); 3520 } 3521 3522 mDNSexport const mDNSu8 *skipQuestion(const DNSMessage *msg, const mDNSu8 *ptr, const mDNSu8 *end) 3523 { 3524 ptr = skipDomainName(msg, ptr, end); 3525 if (!ptr) { debugf("skipQuestion: Malformed domain name in DNS question section"); return(mDNSNULL); } 3526 if (ptr+4 > end) { debugf("skipQuestion: Malformed DNS question section -- no query type and class!"); return(mDNSNULL); } 3527 return(ptr+4); 3528 } 3529 3530 mDNSexport const mDNSu8 *getQuestion(const DNSMessage *msg, const mDNSu8 *ptr, const mDNSu8 *end, const mDNSInterfaceID InterfaceID, 3531 DNSQuestion *question) 3532 { 3533 mDNSPlatformMemZero(question, sizeof(*question)); 3534 question->InterfaceID = InterfaceID; 3535 if (!InterfaceID) question->TargetQID = onesID; // In DNSQuestions we use TargetQID as the indicator of whether it's unicast or multicast 3536 ptr = getDomainName(msg, ptr, end, &question->qname); 3537 if (!ptr) { debugf("Malformed domain name in DNS question section"); return(mDNSNULL); } 3538 if (ptr+4 > end) { debugf("Malformed DNS question section -- no query type and class!"); return(mDNSNULL); } 3539 3540 question->qnamehash = DomainNameHashValue(&question->qname); 3541 question->qtype = (mDNSu16)((mDNSu16)ptr[0] << 8 | ptr[1]); // Get type 3542 question->qclass = (mDNSu16)((mDNSu16)ptr[2] << 8 | ptr[3]); // and class 3543 return(ptr+4); 3544 } 3545 3546 mDNSexport const mDNSu8 *LocateAnswers(const DNSMessage *const msg, const mDNSu8 *const end) 3547 { 3548 int i; 3549 const mDNSu8 *ptr = msg->data; 3550 for (i = 0; i < msg->h.numQuestions && ptr; i++) ptr = skipQuestion(msg, ptr, end); 3551 return(ptr); 3552 } 3553 3554 mDNSexport const mDNSu8 *LocateAuthorities(const DNSMessage *const msg, const mDNSu8 *const end) 3555 { 3556 int i; 3557 const mDNSu8 *ptr = LocateAnswers(msg, end); 3558 for (i = 0; i < msg->h.numAnswers && ptr; i++) ptr = skipResourceRecord(msg, ptr, end); 3559 return(ptr); 3560 } 3561 3562 mDNSexport const mDNSu8 *LocateAdditionals(const DNSMessage *const msg, const mDNSu8 *const end) 3563 { 3564 int i; 3565 const mDNSu8 *ptr = LocateAuthorities(msg, end); 3566 for (i = 0; i < msg->h.numAuthorities; i++) ptr = skipResourceRecord(msg, ptr, end); 3567 return (ptr); 3568 } 3569 3570 mDNSexport const mDNSu8 *LocateOptRR(const DNSMessage *const msg, const mDNSu8 *const end, int minsize) 3571 { 3572 int i; 3573 const mDNSu8 *ptr = LocateAdditionals(msg, end); 3574 3575 // Locate the OPT record. 3576 // According to RFC 2671, "One OPT pseudo-RR can be added to the additional data section of either a request or a response." 3577 // This implies that there may be *at most* one OPT record per DNS message, in the Additional Section, 3578 // but not necessarily the *last* entry in the Additional Section. 3579 for (i = 0; ptr && i < msg->h.numAdditionals; i++) 3580 { 3581 if (ptr + DNSOpt_Header_Space + minsize <= end && // Make sure we have 11+minsize bytes of data 3582 ptr[0] == 0 && // Name must be root label 3583 ptr[1] == (kDNSType_OPT >> 8 ) && // rrtype OPT 3584 ptr[2] == (kDNSType_OPT & 0xFF) && 3585 ((mDNSu16)ptr[9] << 8 | (mDNSu16)ptr[10]) >= (mDNSu16)minsize) 3586 return(ptr); 3587 else 3588 ptr = skipResourceRecord(msg, ptr, end); 3589 } 3590 return(mDNSNULL); 3591 } 3592 3593 // On success, GetLLQOptData returns pointer to storage within shared "m->rec"; 3594 // it is caller's responsibilty to clear m->rec.r.resrec.RecordType after use 3595 // Note: An OPT RDataBody actually contains one or more variable-length rdataOPT objects packed together 3596 // The code that currently calls this assumes there's only one, instead of iterating through the set 3597 mDNSexport const rdataOPT *GetLLQOptData(mDNS *const m, const DNSMessage *const msg, const mDNSu8 *const end) 3598 { 3599 const mDNSu8 *ptr = LocateOptRR(msg, end, DNSOpt_LLQData_Space); 3600 if (ptr) 3601 { 3602 ptr = GetLargeResourceRecord(m, msg, ptr, end, 0, kDNSRecordTypePacketAdd, &m->rec); 3603 if (ptr && m->rec.r.resrec.RecordType != kDNSRecordTypePacketNegative) return(&m->rec.r.resrec.rdata->u.opt[0]); 3604 } 3605 return(mDNSNULL); 3606 } 3607 3608 // Get the lease life of records in a dynamic update 3609 mDNSexport mDNSBool GetPktLease(mDNS *const m, const DNSMessage *const msg, const mDNSu8 *const end, mDNSu32 *const lease) 3610 { 3611 const mDNSu8 *ptr = LocateOptRR(msg, end, DNSOpt_LeaseData_Space); 3612 if (ptr) 3613 { 3614 ptr = GetLargeResourceRecord(m, msg, ptr, end, 0, kDNSRecordTypePacketAdd, &m->rec); 3615 if (ptr && m->rec.r.resrec.RecordType != kDNSRecordTypePacketNegative && m->rec.r.resrec.rrtype == kDNSType_OPT) 3616 { 3617 const rdataOPT *o; 3618 const rdataOPT *const e = (const rdataOPT *)&m->rec.r.resrec.rdata->u.data[m->rec.r.resrec.rdlength]; 3619 for (o = &m->rec.r.resrec.rdata->u.opt[0]; o < e; o++) 3620 if (o->opt == kDNSOpt_Lease) 3621 { 3622 *lease = o->u.updatelease; 3623 m->rec.r.resrec.RecordType = 0; // Clear RecordType to show we're not still using it 3624 return mDNStrue; 3625 } 3626 } 3627 m->rec.r.resrec.RecordType = 0; // Clear RecordType to show we're not still using it 3628 } 3629 return mDNSfalse; 3630 } 3631 3632 #define DNS_OP_Name(X) ( \ 3633 (X) == kDNSFlag0_OP_StdQuery ? "" : \ 3634 (X) == kDNSFlag0_OP_Iquery ? "Iquery " : \ 3635 (X) == kDNSFlag0_OP_Status ? "Status " : \ 3636 (X) == kDNSFlag0_OP_Unused3 ? "Unused3 " : \ 3637 (X) == kDNSFlag0_OP_Notify ? "Notify " : \ 3638 (X) == kDNSFlag0_OP_Update ? "Update " : \ 3639 (X) == kDNSFlag0_OP_Subscribe? "Subscribe": \ 3640 (X) == kDNSFlag0_OP_UnSubscribe? "UnSubscribe" : "?? " ) 3641 3642 #define DNS_RC_Name(X) ( \ 3643 (X) == kDNSFlag1_RC_NoErr ? "NoErr" : \ 3644 (X) == kDNSFlag1_RC_FormErr ? "FormErr" : \ 3645 (X) == kDNSFlag1_RC_ServFail ? "ServFail" : \ 3646 (X) == kDNSFlag1_RC_NXDomain ? "NXDomain" : \ 3647 (X) == kDNSFlag1_RC_NotImpl ? "NotImpl" : \ 3648 (X) == kDNSFlag1_RC_Refused ? "Refused" : \ 3649 (X) == kDNSFlag1_RC_YXDomain ? "YXDomain" : \ 3650 (X) == kDNSFlag1_RC_YXRRSet ? "YXRRSet" : \ 3651 (X) == kDNSFlag1_RC_NXRRSet ? "NXRRSet" : \ 3652 (X) == kDNSFlag1_RC_NotAuth ? "NotAuth" : \ 3653 (X) == kDNSFlag1_RC_NotZone ? "NotZone" : "??" ) 3654 3655 mDNSlocal void mDNS_snprintf_add(char **ptr, const char *lim, const char *fmt, ...) 3656 { 3657 va_list args; 3658 mDNSu32 buflen, n; 3659 char *const dst = *ptr; 3660 3661 buflen = (mDNSu32)(lim - dst); 3662 if (buflen > 0) 3663 { 3664 va_start(args, fmt); 3665 n = mDNS_vsnprintf(dst, buflen, fmt, args); 3666 va_end(args); 3667 *ptr = dst + n; 3668 } 3669 } 3670 3671 #define DNSTypeString(X) (((X) == kDNSType_A) ? "A" : DNSTypeName(X)) 3672 3673 #define ReadField16(PTR) ((mDNSu16)((((mDNSu16)((mDNSu8 *)(PTR))[0]) << 8) | ((mDNSu16)((mDNSu8 *)(PTR))[1]))) 3674 #define ReadField32(PTR) \ 3675 ((mDNSu32)( \ 3676 (((mDNSu32)((mDNSu8 *)(PTR))[0]) << 24) | \ 3677 (((mDNSu32)((mDNSu8 *)(PTR))[1]) << 16) | \ 3678 (((mDNSu32)((mDNSu8 *)(PTR))[2]) << 8) | \ 3679 ((mDNSu32)((mDNSu8 *)(PTR))[3]))) 3680 3681 mDNSlocal void DNSMessageDump(const DNSMessage *const msg, const mDNSu8 *const end, char *buffer, mDNSu32 buflen) 3682 { 3683 domainname *name; 3684 const mDNSu8 *ptr; 3685 domainname nameStorage[2]; 3686 char *dst = buffer; 3687 const char *const lim = &buffer[buflen]; 3688 mDNSu32 i; 3689 const mDNSu32 rrcount = msg->h.numAnswers + msg->h.numAuthorities + msg->h.numAdditionals; 3690 3691 mDNS_snprintf_add(&dst, lim, "DNS %s%s (%lu) (flags %02X%02X) RCODE: %s (%d)%s%s%s%s%s%s ID: %u:", 3692 DNS_OP_Name(msg->h.flags.b[0] & kDNSFlag0_OP_Mask), 3693 (msg->h.flags.b[0] & kDNSFlag0_QR_Response) ? "Response" : "Query", 3694 (unsigned long)(end - (const mDNSu8 *)msg), 3695 msg->h.flags.b[0], msg->h.flags.b[1], 3696 DNS_RC_Name(msg->h.flags.b[1] & kDNSFlag1_RC_Mask), 3697 msg->h.flags.b[1] & kDNSFlag1_RC_Mask, 3698 (msg->h.flags.b[0] & kDNSFlag0_AA) ? " AA" : "", 3699 (msg->h.flags.b[0] & kDNSFlag0_TC) ? " TC" : "", 3700 (msg->h.flags.b[0] & kDNSFlag0_RD) ? " RD" : "", 3701 (msg->h.flags.b[1] & kDNSFlag1_RA) ? " RA" : "", 3702 (msg->h.flags.b[1] & kDNSFlag1_AD) ? " AD" : "", 3703 (msg->h.flags.b[1] & kDNSFlag1_CD) ? " CD" : "", 3704 mDNSVal16(msg->h.id)); 3705 3706 name = mDNSNULL; 3707 ptr = msg->data; 3708 for (i = 0; i < msg->h.numQuestions; i++) 3709 { 3710 mDNSu16 qtype, qclass; 3711 3712 name = &nameStorage[0]; 3713 ptr = getDomainName(msg, ptr, end, name); 3714 if (!ptr) goto exit; 3715 3716 if ((end - ptr) < 4) goto exit; 3717 qtype = ReadField16(&ptr[0]); 3718 qclass = ReadField16(&ptr[2]); 3719 ptr += 4; 3720 3721 mDNS_snprintf_add(&dst, lim, " %##s %s", name->c, DNSTypeString(qtype)); 3722 if (qclass != kDNSClass_IN) mDNS_snprintf_add(&dst, lim, "/%u", qclass); 3723 mDNS_snprintf_add(&dst, lim, "?"); 3724 } 3725 3726 mDNS_snprintf_add(&dst, lim, " %u/%u/%u", msg->h.numAnswers, msg->h.numAuthorities, msg->h.numAdditionals); 3727 for (i = 0; i < rrcount; i++) 3728 { 3729 mDNSu16 rrtype, rrclass, rdlength; 3730 mDNSu32 ttl; 3731 int handled; 3732 const mDNSu8 *rdata; 3733 const domainname *const previousName = name; 3734 3735 name = &nameStorage[(name == &nameStorage[0]) ? 1 : 0]; 3736 ptr = getDomainName(msg, ptr, end, name); 3737 if (!ptr) goto exit; 3738 3739 if ((end - ptr) < 10) goto exit; 3740 rrtype = ReadField16(&ptr[0]); 3741 rrclass = ReadField16(&ptr[2]); 3742 ttl = ReadField32(&ptr[4]); 3743 rdlength = ReadField16(&ptr[8]); 3744 ptr += 10; 3745 3746 if ((end - ptr) < rdlength) goto exit; 3747 rdata = ptr; 3748 3749 if (i > 0) mDNS_snprintf_add(&dst, lim, ","); 3750 if (!previousName || !SameDomainName(name, previousName)) mDNS_snprintf_add(&dst, lim, " %##s", name); 3751 3752 mDNS_snprintf_add(&dst, lim, " %s", DNSTypeString(rrtype)); 3753 if (rrclass != kDNSClass_IN) mDNS_snprintf_add(&dst, lim, "/%u", rrclass); 3754 mDNS_snprintf_add(&dst, lim, " "); 3755 3756 handled = mDNSfalse; 3757 switch (rrtype) 3758 { 3759 case kDNSType_A: 3760 if (rdlength == 4) 3761 { 3762 mDNS_snprintf_add(&dst, lim, "%.4a", rdata); 3763 handled = mDNStrue; 3764 } 3765 break; 3766 3767 case kDNSType_AAAA: 3768 if (rdlength == 16) 3769 { 3770 mDNS_snprintf_add(&dst, lim, "%.16a", rdata); 3771 handled = mDNStrue; 3772 } 3773 break; 3774 3775 case kDNSType_CNAME: 3776 ptr = getDomainName(msg, rdata, end, name); 3777 if (!ptr) goto exit; 3778 3779 mDNS_snprintf_add(&dst, lim, "%##s", name); 3780 handled = mDNStrue; 3781 break; 3782 3783 case kDNSType_SOA: 3784 { 3785 mDNSu32 serial, refresh, retry, expire, minimum; 3786 domainname *const mname = &nameStorage[0]; 3787 domainname *const rname = &nameStorage[1]; 3788 name = mDNSNULL; 3789 3790 ptr = getDomainName(msg, rdata, end, mname); 3791 if (!ptr) goto exit; 3792 3793 ptr = getDomainName(msg, ptr, end, rname); 3794 if (!ptr) goto exit; 3795 3796 if ((end - ptr) < 20) goto exit; 3797 serial = ReadField32(&ptr[0]); 3798 refresh = ReadField32(&ptr[4]); 3799 retry = ReadField32(&ptr[8]); 3800 expire = ReadField32(&ptr[12]); 3801 minimum = ReadField32(&ptr[16]); 3802 3803 mDNS_snprintf_add(&dst, lim, "%##s %##s %lu %lu %lu %lu %lu", mname, rname, (unsigned long)serial, 3804 (unsigned long)refresh, (unsigned long)retry, (unsigned long)expire, (unsigned long)minimum); 3805 3806 handled = mDNStrue; 3807 break; 3808 } 3809 3810 default: 3811 break; 3812 } 3813 if (!handled) mDNS_snprintf_add(&dst, lim, "RDATA[%u]: %.*H", rdlength, rdlength, rdata); 3814 mDNS_snprintf_add(&dst, lim, " (%lu)", (unsigned long)ttl); 3815 ptr = rdata + rdlength; 3816 } 3817 3818 exit: 3819 return; 3820 } 3821 3822 // Note: DumpPacket expects the packet header fields in host byte order, not network byte order 3823 mDNSexport void DumpPacket(mStatus status, mDNSBool sent, char *transport, 3824 const mDNSAddr *srcaddr, mDNSIPPort srcport, 3825 const mDNSAddr *dstaddr, mDNSIPPort dstport, const DNSMessage *const msg, const mDNSu8 *const end) 3826 { 3827 char buffer[512]; 3828 char *dst = buffer; 3829 const char *const lim = &buffer[512]; 3830 3831 buffer[0] = '\0'; 3832 if (!status) mDNS_snprintf_add(&dst, lim, sent ? "Sent" : "Received"); 3833 else mDNS_snprintf_add(&dst, lim, "ERROR %d %sing", status, sent ? "Send" : "Receiv"); 3834 3835 mDNS_snprintf_add(&dst, lim, " %s DNS Message %u bytes from ", transport, (unsigned long)(end - (const mDNSu8 *)msg)); 3836 3837 if (sent) mDNS_snprintf_add(&dst, lim, "port %d", mDNSVal16(srcport)); 3838 else mDNS_snprintf_add(&dst, lim, "%#a:%d", srcaddr, mDNSVal16(srcport)); 3839 3840 if (dstaddr || !mDNSIPPortIsZero(dstport)) mDNS_snprintf_add(&dst, lim, " to %#a:%d", dstaddr, mDNSVal16(dstport)); 3841 3842 LogInfo("%s", buffer); 3843 3844 buffer[0] = '\0'; 3845 DNSMessageDump(msg, end, buffer, (mDNSu32)sizeof(buffer)); 3846 LogInfo("%s", buffer); 3847 } 3848 3849 // *************************************************************************** 3850 #if COMPILER_LIKES_PRAGMA_MARK 3851 #pragma mark - 3852 #pragma mark - Packet Sending Functions 3853 #endif 3854 3855 #ifdef UNIT_TEST 3856 // Run the unit test of mDNSSendDNSMessage 3857 UNITTEST_SENDDNSMESSAGE 3858 #else 3859 // Stub definition of TCPSocket_struct so we can access flags field. (Rest of TCPSocket_struct is platform-dependent.) 3860 struct TCPSocket_struct { TCPSocketFlags flags; /* ... */ }; 3861 // Stub definition of UDPSocket_struct so we can access port field. (Rest of UDPSocket_struct is platform-dependent.) 3862 struct UDPSocket_struct { mDNSIPPort port; /* ... */ }; 3863 3864 // Note: When we sign a DNS message using DNSDigest_SignMessage(), the current real-time clock value is used, which 3865 // is why we generally defer signing until we send the message, to ensure the signature is as fresh as possible. 3866 mDNSexport mStatus mDNSSendDNSMessage(mDNS *const m, DNSMessage *const msg, mDNSu8 *end, 3867 mDNSInterfaceID InterfaceID, UDPSocket *src, const mDNSAddr *dst, 3868 mDNSIPPort dstport, TCPSocket *sock, DomainAuthInfo *authInfo, 3869 mDNSBool useBackgroundTrafficClass) 3870 { 3871 mStatus status = mStatus_NoError; 3872 const mDNSu16 numAdditionals = msg->h.numAdditionals; 3873 mDNSu8 *newend; 3874 mDNSu8 *limit = msg->data + AbsoluteMaxDNSMessageData; 3875 3876 #if APPLE_OSX_mDNSResponder 3877 // maintain outbound packet statistics 3878 if (mDNSOpaque16IsZero(msg->h.id)) 3879 m->MulticastPacketsSent++; 3880 else 3881 m->UnicastPacketsSent++; 3882 #endif // APPLE_OSX_mDNSResponder 3883 3884 // Zero-length message data is okay (e.g. for a DNS Update ack, where all we need is an ID and an error code 3885 if (end < msg->data || end - msg->data > AbsoluteMaxDNSMessageData) 3886 { 3887 LogMsg("mDNSSendDNSMessage: invalid message %p %p %d", msg->data, end, end - msg->data); 3888 return mStatus_BadParamErr; 3889 } 3890 3891 newend = putHINFO(m, msg, end, authInfo, limit); 3892 if (!newend) LogMsg("mDNSSendDNSMessage: putHINFO failed msg %p end %p, limit %p", msg->data, end, limit); // Not fatal 3893 else end = newend; 3894 3895 // Put all the integer values in IETF byte-order (MSB first, LSB second) 3896 SwapDNSHeaderBytes(msg); 3897 3898 if (authInfo) DNSDigest_SignMessage(msg, &end, authInfo, 0); // DNSDigest_SignMessage operates on message in network byte order 3899 if (!end) { LogMsg("mDNSSendDNSMessage: DNSDigest_SignMessage failed"); status = mStatus_NoMemoryErr; } 3900 else 3901 { 3902 // Send the packet on the wire 3903 if (!sock) 3904 status = mDNSPlatformSendUDP(m, msg, end, InterfaceID, src, dst, dstport, useBackgroundTrafficClass); 3905 else 3906 { 3907 mDNSu16 msglen = (mDNSu16)(end - (mDNSu8 *)msg); 3908 mDNSu8 lenbuf[2] = { (mDNSu8)(msglen >> 8), (mDNSu8)(msglen & 0xFF) }; 3909 char *buf; 3910 long nsent; 3911 3912 // Try to send them in one packet if we can allocate enough memory 3913 buf = mDNSPlatformMemAllocate(msglen + 2); 3914 if (buf) 3915 { 3916 buf[0] = lenbuf[0]; 3917 buf[1] = lenbuf[1]; 3918 mDNSPlatformMemCopy(buf+2, msg, msglen); 3919 nsent = mDNSPlatformWriteTCP(sock, buf, msglen+2); 3920 if (nsent != (msglen + 2)) 3921 { 3922 LogMsg("mDNSSendDNSMessage: write message failed %d/%d", nsent, msglen); 3923 status = mStatus_ConnFailed; 3924 } 3925 mDNSPlatformMemFree(buf); 3926 } 3927 else 3928 { 3929 nsent = mDNSPlatformWriteTCP(sock, (char*)lenbuf, 2); 3930 if (nsent != 2) 3931 { 3932 LogMsg("mDNSSendDNSMessage: write msg length failed %d/%d", nsent, 2); 3933 status = mStatus_ConnFailed; 3934 } 3935 else 3936 { 3937 nsent = mDNSPlatformWriteTCP(sock, (char *)msg, msglen); 3938 if (nsent != msglen) 3939 { 3940 LogMsg("mDNSSendDNSMessage: write msg body failed %d/%d", nsent, msglen); 3941 status = mStatus_ConnFailed; 3942 } 3943 } 3944 } 3945 } 3946 } 3947 3948 // Swap the integer values back the way they were (remember that numAdditionals may have been changed by putHINFO and/or SignMessage) 3949 SwapDNSHeaderBytes(msg); 3950 3951 // Dump the packet with the HINFO and TSIG 3952 if (mDNS_PacketLoggingEnabled && !mDNSOpaque16IsZero(msg->h.id)) 3953 DumpPacket(status, mDNStrue, sock && (sock->flags & kTCPSocketFlags_UseTLS) ? "TLS" : sock ? "TCP" : "UDP", mDNSNULL, src ? src->port : MulticastDNSPort, dst, dstport, msg, end); 3954 3955 // put the number of additionals back the way it was 3956 msg->h.numAdditionals = numAdditionals; 3957 3958 return(status); 3959 } 3960 #endif // UNIT_TEST 3961 3962 // *************************************************************************** 3963 #if COMPILER_LIKES_PRAGMA_MARK 3964 #pragma mark - 3965 #pragma mark - RR List Management & Task Management 3966 #endif 3967 3968 mDNSexport void mDNS_Lock_(mDNS *const m, const char * const functionname) 3969 { 3970 // MUST grab the platform lock FIRST! 3971 mDNSPlatformLock(m); 3972 3973 // Normally, mDNS_reentrancy is zero and so is mDNS_busy 3974 // However, when we call a client callback mDNS_busy is one, and we increment mDNS_reentrancy too 3975 // If that client callback does mDNS API calls, mDNS_reentrancy and mDNS_busy will both be one 3976 // If mDNS_busy != mDNS_reentrancy that's a bad sign 3977 if (m->mDNS_busy != m->mDNS_reentrancy) 3978 LogFatalError("%s: mDNS_Lock: Locking failure! mDNS_busy (%ld) != mDNS_reentrancy (%ld)", functionname, m->mDNS_busy, m->mDNS_reentrancy); 3979 3980 // If this is an initial entry into the mDNSCore code, set m->timenow 3981 // else, if this is a re-entrant entry into the mDNSCore code, m->timenow should already be set 3982 if (m->mDNS_busy == 0) 3983 { 3984 if (m->timenow) 3985 LogMsg("%s: mDNS_Lock: m->timenow already set (%ld/%ld)", functionname, m->timenow, mDNS_TimeNow_NoLock(m)); 3986 m->timenow = mDNS_TimeNow_NoLock(m); 3987 if (m->timenow == 0) m->timenow = 1; 3988 } 3989 else if (m->timenow == 0) 3990 { 3991 LogMsg("%s: mDNS_Lock: m->mDNS_busy is %ld but m->timenow not set", functionname, m->mDNS_busy); 3992 m->timenow = mDNS_TimeNow_NoLock(m); 3993 if (m->timenow == 0) m->timenow = 1; 3994 } 3995 3996 if (m->timenow_last - m->timenow > 0) 3997 { 3998 m->timenow_adjust += m->timenow_last - m->timenow; 3999 LogMsg("%s: mDNSPlatformRawTime went backwards by %ld ticks; setting correction factor to %ld", functionname, m->timenow_last - m->timenow, m->timenow_adjust); 4000 m->timenow = m->timenow_last; 4001 } 4002 m->timenow_last = m->timenow; 4003 4004 // Increment mDNS_busy so we'll recognise re-entrant calls 4005 m->mDNS_busy++; 4006 } 4007 4008 mDNSlocal AuthRecord *AnyLocalRecordReady(const mDNS *const m) 4009 { 4010 AuthRecord *rr; 4011 for (rr = m->NewLocalRecords; rr; rr = rr->next) 4012 if (LocalRecordReady(rr)) return rr; 4013 return mDNSNULL; 4014 } 4015 4016 mDNSlocal mDNSs32 GetNextScheduledEvent(const mDNS *const m) 4017 { 4018 mDNSs32 e = m->timenow + FutureTime; 4019 if (m->mDNSPlatformStatus != mStatus_NoError) return(e); 4020 if (m->NewQuestions) 4021 { 4022 if (m->NewQuestions->DelayAnswering) e = m->NewQuestions->DelayAnswering; 4023 else return(m->timenow); 4024 } 4025 if (m->NewLocalOnlyQuestions) return(m->timenow); 4026 if (m->NewLocalRecords && AnyLocalRecordReady(m)) return(m->timenow); 4027 if (m->NewLocalOnlyRecords) return(m->timenow); 4028 if (m->SPSProxyListChanged) return(m->timenow); 4029 if (m->LocalRemoveEvents) return(m->timenow); 4030 4031 #ifndef UNICAST_DISABLED 4032 if (e - m->NextuDNSEvent > 0) e = m->NextuDNSEvent; 4033 if (e - m->NextScheduledNATOp > 0) e = m->NextScheduledNATOp; 4034 if (m->NextSRVUpdate && e - m->NextSRVUpdate > 0) e = m->NextSRVUpdate; 4035 #endif 4036 4037 if (e - m->NextCacheCheck > 0) e = m->NextCacheCheck; 4038 if (e - m->NextScheduledSPS > 0) e = m->NextScheduledSPS; 4039 if (e - m->NextScheduledKA > 0) e = m->NextScheduledKA; 4040 4041 #if BONJOUR_ON_DEMAND 4042 if (m->NextBonjourDisableTime && (e - m->NextBonjourDisableTime > 0)) e = m->NextBonjourDisableTime; 4043 #endif // BONJOUR_ON_DEMAND 4044 4045 // NextScheduledSPRetry only valid when DelaySleep not set 4046 if (!m->DelaySleep && m->SleepLimit && e - m->NextScheduledSPRetry > 0) e = m->NextScheduledSPRetry; 4047 if (m->DelaySleep && e - m->DelaySleep > 0) e = m->DelaySleep; 4048 4049 if (m->SuppressSending) 4050 { 4051 if (e - m->SuppressSending > 0) e = m->SuppressSending; 4052 } 4053 else 4054 { 4055 if (e - m->NextScheduledQuery > 0) e = m->NextScheduledQuery; 4056 if (e - m->NextScheduledProbe > 0) e = m->NextScheduledProbe; 4057 if (e - m->NextScheduledResponse > 0) e = m->NextScheduledResponse; 4058 } 4059 if (e - m->NextScheduledStopTime > 0) e = m->NextScheduledStopTime; 4060 4061 if (m->NextBLEServiceTime && (e - m->NextBLEServiceTime > 0)) e = m->NextBLEServiceTime; 4062 4063 return(e); 4064 } 4065 4066 #define LogTSE TSE++,LogMsg 4067 4068 mDNSexport void ShowTaskSchedulingError(mDNS *const m) 4069 { 4070 int TSE = 0; 4071 AuthRecord *rr; 4072 mDNS_Lock(m); 4073 4074 LogMsg("Task Scheduling Error: *** Continuously busy for more than a second"); 4075 4076 // Note: To accurately diagnose *why* we're busy, the debugging code here needs to mirror the logic in GetNextScheduledEvent above 4077 4078 if (m->NewQuestions && (!m->NewQuestions->DelayAnswering || m->timenow - m->NewQuestions->DelayAnswering >= 0)) 4079 LogTSE("Task Scheduling Error: NewQuestion %##s (%s)", 4080 m->NewQuestions->qname.c, DNSTypeName(m->NewQuestions->qtype)); 4081 4082 if (m->NewLocalOnlyQuestions) 4083 LogTSE("Task Scheduling Error: NewLocalOnlyQuestions %##s (%s)", 4084 m->NewLocalOnlyQuestions->qname.c, DNSTypeName(m->NewLocalOnlyQuestions->qtype)); 4085 4086 if (m->NewLocalRecords) 4087 { 4088 rr = AnyLocalRecordReady(m); 4089 if (rr) LogTSE("Task Scheduling Error: NewLocalRecords %s", ARDisplayString(m, rr)); 4090 } 4091 4092 if (m->NewLocalOnlyRecords) LogTSE("Task Scheduling Error: NewLocalOnlyRecords"); 4093 4094 if (m->SPSProxyListChanged) LogTSE("Task Scheduling Error: SPSProxyListChanged"); 4095 4096 if (m->LocalRemoveEvents) LogTSE("Task Scheduling Error: LocalRemoveEvents"); 4097 4098 #ifndef UNICAST_DISABLED 4099 if (m->timenow - m->NextuDNSEvent >= 0) 4100 LogTSE("Task Scheduling Error: m->NextuDNSEvent %d", m->timenow - m->NextuDNSEvent); 4101 if (m->timenow - m->NextScheduledNATOp >= 0) 4102 LogTSE("Task Scheduling Error: m->NextScheduledNATOp %d", m->timenow - m->NextScheduledNATOp); 4103 if (m->NextSRVUpdate && m->timenow - m->NextSRVUpdate >= 0) 4104 LogTSE("Task Scheduling Error: m->NextSRVUpdate %d", m->timenow - m->NextSRVUpdate); 4105 #endif 4106 4107 if (m->timenow - m->NextCacheCheck >= 0) 4108 LogTSE("Task Scheduling Error: m->NextCacheCheck %d", m->timenow - m->NextCacheCheck); 4109 if (m->timenow - m->NextScheduledSPS >= 0) 4110 LogTSE("Task Scheduling Error: m->NextScheduledSPS %d", m->timenow - m->NextScheduledSPS); 4111 if (m->timenow - m->NextScheduledKA >= 0) 4112 LogTSE("Task Scheduling Error: m->NextScheduledKA %d", m->timenow - m->NextScheduledKA); 4113 if (!m->DelaySleep && m->SleepLimit && m->timenow - m->NextScheduledSPRetry >= 0) 4114 LogTSE("Task Scheduling Error: m->NextScheduledSPRetry %d", m->timenow - m->NextScheduledSPRetry); 4115 if (m->DelaySleep && m->timenow - m->DelaySleep >= 0) 4116 LogTSE("Task Scheduling Error: m->DelaySleep %d", m->timenow - m->DelaySleep); 4117 4118 if (m->SuppressSending && m->timenow - m->SuppressSending >= 0) 4119 LogTSE("Task Scheduling Error: m->SuppressSending %d", m->timenow - m->SuppressSending); 4120 if (m->timenow - m->NextScheduledQuery >= 0) 4121 LogTSE("Task Scheduling Error: m->NextScheduledQuery %d", m->timenow - m->NextScheduledQuery); 4122 if (m->timenow - m->NextScheduledProbe >= 0) 4123 LogTSE("Task Scheduling Error: m->NextScheduledProbe %d", m->timenow - m->NextScheduledProbe); 4124 if (m->timenow - m->NextScheduledResponse >= 0) 4125 LogTSE("Task Scheduling Error: m->NextScheduledResponse %d", m->timenow - m->NextScheduledResponse); 4126 if (m->timenow - m->NextScheduledStopTime >= 0) 4127 LogTSE("Task Scheduling Error: m->NextScheduledStopTime %d", m->timenow - m->NextScheduledStopTime); 4128 4129 if (m->timenow - m->NextScheduledEvent >= 0) 4130 LogTSE("Task Scheduling Error: m->NextScheduledEvent %d", m->timenow - m->NextScheduledEvent); 4131 4132 if (m->NetworkChanged && m->timenow - m->NetworkChanged >= 0) 4133 LogTSE("Task Scheduling Error: NetworkChanged %d", m->timenow - m->NetworkChanged); 4134 4135 if (!TSE) LogMsg("Task Scheduling Error: *** No likely causes identified"); 4136 else LogMsg("Task Scheduling Error: *** %d potential cause%s identified (significant only if the same cause consistently appears)", TSE, TSE > 1 ? "s" : ""); 4137 4138 mDNS_Unlock(m); 4139 } 4140 4141 mDNSexport void mDNS_Unlock_(mDNS *const m, const char *const functionname) 4142 { 4143 // Decrement mDNS_busy 4144 m->mDNS_busy--; 4145 4146 // Check for locking failures 4147 if (m->mDNS_busy != m->mDNS_reentrancy) 4148 LogFatalError("%s: mDNS_Unlock: Locking failure! mDNS_busy (%ld) != mDNS_reentrancy (%ld)", functionname, m->mDNS_busy, m->mDNS_reentrancy); 4149 4150 // If this is a final exit from the mDNSCore code, set m->NextScheduledEvent and clear m->timenow 4151 if (m->mDNS_busy == 0) 4152 { 4153 m->NextScheduledEvent = GetNextScheduledEvent(m); 4154 if (m->timenow == 0) LogMsg("%s: mDNS_Unlock: ERROR! m->timenow aready zero", functionname); 4155 m->timenow = 0; 4156 } 4157 4158 // MUST release the platform lock LAST! 4159 mDNSPlatformUnlock(m); 4160 } 4161 4162 // *************************************************************************** 4163 #if COMPILER_LIKES_PRAGMA_MARK 4164 #pragma mark - 4165 #pragma mark - Specialized mDNS version of vsnprintf 4166 #endif 4167 4168 static const struct mDNSprintf_format 4169 { 4170 unsigned leftJustify : 1; 4171 unsigned forceSign : 1; 4172 unsigned zeroPad : 1; 4173 unsigned havePrecision : 1; 4174 unsigned hSize : 1; 4175 unsigned lSize : 1; 4176 char altForm; 4177 char sign; // +, - or space 4178 unsigned int fieldWidth; 4179 unsigned int precision; 4180 } mDNSprintf_format_default = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }; 4181 4182 #define kHexDigitsLowercase "0123456789abcdef" 4183 #define kHexDigitsUppercase "0123456789ABCDEF"; 4184 4185 mDNSexport mDNSu32 mDNS_vsnprintf(char *sbuffer, mDNSu32 buflen, const char *fmt, va_list arg) 4186 { 4187 mDNSu32 nwritten = 0; 4188 int c; 4189 if (buflen == 0) return(0); 4190 buflen--; // Pre-reserve one space in the buffer for the terminating null 4191 if (buflen == 0) goto exit; 4192 4193 for (c = *fmt; c != 0; c = *++fmt) 4194 { 4195 unsigned long n; 4196 int hexdump = mDNSfalse; 4197 if (c != '%') 4198 { 4199 *sbuffer++ = (char)c; 4200 if (++nwritten >= buflen) goto exit; 4201 } 4202 else 4203 { 4204 unsigned int i=0, j; 4205 // The mDNS Vsprintf Argument Conversion Buffer is used as a temporary holding area for 4206 // generating decimal numbers, hexdecimal numbers, IP addresses, domain name strings, etc. 4207 // The size needs to be enough for a 256-byte domain name plus some error text. 4208 #define mDNS_VACB_Size 300 4209 char mDNS_VACB[mDNS_VACB_Size]; 4210 #define mDNS_VACB_Lim (&mDNS_VACB[mDNS_VACB_Size]) 4211 #define mDNS_VACB_Remain(s) ((mDNSu32)(mDNS_VACB_Lim - s)) 4212 char *s = mDNS_VACB_Lim, *digits; 4213 struct mDNSprintf_format F = mDNSprintf_format_default; 4214 4215 while (1) // decode flags 4216 { 4217 c = *++fmt; 4218 if (c == '-') F.leftJustify = 1; 4219 else if (c == '+') F.forceSign = 1; 4220 else if (c == ' ') F.sign = ' '; 4221 else if (c == '#') F.altForm++; 4222 else if (c == '0') F.zeroPad = 1; 4223 else break; 4224 } 4225 4226 if (c == '*') // decode field width 4227 { 4228 int f = va_arg(arg, int); 4229 if (f < 0) { f = -f; F.leftJustify = 1; } 4230 F.fieldWidth = (unsigned int)f; 4231 c = *++fmt; 4232 } 4233 else 4234 { 4235 for (; c >= '0' && c <= '9'; c = *++fmt) 4236 F.fieldWidth = (10 * F.fieldWidth) + (c - '0'); 4237 } 4238 4239 if (c == '.') // decode precision 4240 { 4241 if ((c = *++fmt) == '*') 4242 { F.precision = va_arg(arg, unsigned int); c = *++fmt; } 4243 else for (; c >= '0' && c <= '9'; c = *++fmt) 4244 F.precision = (10 * F.precision) + (c - '0'); 4245 F.havePrecision = 1; 4246 } 4247 4248 if (F.leftJustify) F.zeroPad = 0; 4249 4250 conv: 4251 switch (c) // perform appropriate conversion 4252 { 4253 case 'h': F.hSize = 1; c = *++fmt; goto conv; 4254 case 'l': // fall through 4255 case 'L': F.lSize = 1; c = *++fmt; goto conv; 4256 case 'd': 4257 case 'i': if (F.lSize) n = (unsigned long)va_arg(arg, long); 4258 else n = (unsigned long)va_arg(arg, int); 4259 if (F.hSize) n = (short) n; 4260 if ((long) n < 0) { n = (unsigned long)-(long)n; F.sign = '-'; } 4261 else if (F.forceSign) F.sign = '+'; 4262 goto decimal; 4263 case 'u': if (F.lSize) n = va_arg(arg, unsigned long); 4264 else n = va_arg(arg, unsigned int); 4265 if (F.hSize) n = (unsigned short) n; 4266 F.sign = 0; 4267 goto decimal; 4268 decimal: if (!F.havePrecision) 4269 { 4270 if (F.zeroPad) 4271 { 4272 F.precision = F.fieldWidth; 4273 if (F.sign) --F.precision; 4274 } 4275 if (F.precision < 1) F.precision = 1; 4276 } 4277 if (F.precision > mDNS_VACB_Size - 1) 4278 F.precision = mDNS_VACB_Size - 1; 4279 for (i = 0; n; n /= 10, i++) *--s = (char)(n % 10 + '0'); 4280 for (; i < F.precision; i++) *--s = '0'; 4281 if (F.sign) { *--s = F.sign; i++; } 4282 break; 4283 4284 case 'o': if (F.lSize) n = va_arg(arg, unsigned long); 4285 else n = va_arg(arg, unsigned int); 4286 if (F.hSize) n = (unsigned short) n; 4287 if (!F.havePrecision) 4288 { 4289 if (F.zeroPad) F.precision = F.fieldWidth; 4290 if (F.precision < 1) F.precision = 1; 4291 } 4292 if (F.precision > mDNS_VACB_Size - 1) 4293 F.precision = mDNS_VACB_Size - 1; 4294 for (i = 0; n; n /= 8, i++) *--s = (char)(n % 8 + '0'); 4295 if (F.altForm && i && *s != '0') { *--s = '0'; i++; } 4296 for (; i < F.precision; i++) *--s = '0'; 4297 break; 4298 4299 case 'a': { 4300 unsigned char *a = va_arg(arg, unsigned char *); 4301 if (!a) { static char emsg[] = "<<NULL>>"; s = emsg; i = sizeof(emsg)-1; } 4302 else 4303 { 4304 s = mDNS_VACB; // Adjust s to point to the start of the buffer, not the end 4305 if (F.altForm) 4306 { 4307 mDNSAddr *ip = (mDNSAddr*)a; 4308 switch (ip->type) 4309 { 4310 case mDNSAddrType_IPv4: F.precision = 4; a = (unsigned char *)&ip->ip.v4; break; 4311 case mDNSAddrType_IPv6: F.precision = 16; a = (unsigned char *)&ip->ip.v6; break; 4312 default: F.precision = 0; break; 4313 } 4314 } 4315 if (F.altForm && !F.precision) 4316 i = mDNS_snprintf(mDNS_VACB, sizeof(mDNS_VACB), "«ZERO ADDRESS»"); 4317 else switch (F.precision) 4318 { 4319 case 4: i = mDNS_snprintf(mDNS_VACB, sizeof(mDNS_VACB), "%d.%d.%d.%d", 4320 a[0], a[1], a[2], a[3]); break; 4321 case 6: i = mDNS_snprintf(mDNS_VACB, sizeof(mDNS_VACB), "%02X:%02X:%02X:%02X:%02X:%02X", 4322 a[0], a[1], a[2], a[3], a[4], a[5]); break; 4323 case 16: { 4324 // Print IPv6 addresses according to RFC 5952, A Recommendation for IPv6 Address Text 4325 // Representation. See <https://tools.ietf.org/html/rfc5952>. 4326 4327 int idx, runLen = 0, runStart = 0, maxRunLen = 0, maxRunStart = 0, maxRunEnd; 4328 4329 // Find the leftmost longest run of consecutive zero hextets. 4330 for (idx = 0; idx < 8; ++idx) 4331 { 4332 const unsigned int hextet = (a[idx * 2] << 8) | a[(idx * 2) + 1]; 4333 if (hextet == 0) 4334 { 4335 if (runLen++ == 0) runStart = idx; 4336 if (runLen > maxRunLen) 4337 { 4338 maxRunStart = runStart; 4339 maxRunLen = runLen; 4340 } 4341 } 4342 else 4343 { 4344 // If the number of remaining hextets is less than or equal to the length of the longest 4345 // run so far, then we've found the leftmost longest run. 4346 if ((8 - (idx + 1)) <= maxRunLen) break; 4347 runLen = 0; 4348 } 4349 } 4350 4351 // Compress the leftmost longest run of two or more consecutive zero hextets as "::". 4352 // For each reminaing hextet, suppress zeros leading up to the least-significant nibble, which 4353 // is always written, even if it's zero. Because of this requirement, it's easier to write the 4354 // IPv6 address in reverse. Also, write a colon separator before each hextet except for the 4355 // first one. 4356 s = mDNS_VACB_Lim; 4357 maxRunEnd = (maxRunLen >= 2) ? (maxRunStart + maxRunLen - 1) : -1; 4358 for (idx = 7; idx >= 0; --idx) 4359 { 4360 if (idx == maxRunEnd) 4361 { 4362 if (idx == 7) *--s = ':'; 4363 idx = maxRunStart; 4364 *--s = ':'; 4365 } 4366 else 4367 { 4368 unsigned int hextet = (a[idx * 2] << 8) | a[(idx * 2) + 1]; 4369 do { 4370 *--s = kHexDigitsLowercase[hextet % 16]; 4371 hextet /= 16; 4372 } while (hextet); 4373 if (idx > 0) *--s = ':'; 4374 } 4375 } 4376 i = (unsigned int)(mDNS_VACB_Lim - s); 4377 } 4378 break; 4379 4380 default: i = mDNS_snprintf(mDNS_VACB, sizeof(mDNS_VACB), "%s", "<< ERROR: Must specify" 4381 " address size (i.e. %.4a=IPv4, %.6a=Ethernet, %.16a=IPv6) >>"); break; 4382 } 4383 } 4384 } 4385 break; 4386 4387 case 'p': F.havePrecision = F.lSize = 1; 4388 F.precision = sizeof(void*) * 2; // 8 characters on 32-bit; 16 characters on 64-bit 4389 /* FALLTHROUGH */ 4390 case 'X': digits = kHexDigitsUppercase; 4391 goto hexadecimal; 4392 case 'x': digits = kHexDigitsLowercase; 4393 hexadecimal: if (F.lSize) n = va_arg(arg, unsigned long); 4394 else n = va_arg(arg, unsigned int); 4395 if (F.hSize) n = (unsigned short) n; 4396 if (!F.havePrecision) 4397 { 4398 if (F.zeroPad) 4399 { 4400 F.precision = F.fieldWidth; 4401 if (F.altForm) F.precision -= 2; 4402 } 4403 if (F.precision < 1) F.precision = 1; 4404 } 4405 if (F.precision > mDNS_VACB_Size - 1) 4406 F.precision = mDNS_VACB_Size - 1; 4407 for (i = 0; n; n /= 16, i++) *--s = digits[n % 16]; 4408 for (; i < F.precision; i++) *--s = '0'; 4409 if (F.altForm) { *--s = (char)c; *--s = '0'; i += 2; } 4410 break; 4411 4412 case 'c': *--s = (char)va_arg(arg, int); i = 1; break; 4413 4414 case 's': s = va_arg(arg, char *); 4415 if (!s) { static char emsg[] = "<<NULL>>"; s = emsg; i = sizeof(emsg)-1; } 4416 else switch (F.altForm) 4417 { 4418 case 0: i=0; 4419 if (!F.havePrecision) // C string 4420 while (s[i]) i++; 4421 else 4422 { 4423 while ((i < F.precision) && s[i]) i++; 4424 // Make sure we don't truncate in the middle of a UTF-8 character 4425 // If last character we got was any kind of UTF-8 multi-byte character, 4426 // then see if we have to back up. 4427 // This is not as easy as the similar checks below, because 4428 // here we can't assume it's safe to examine the *next* byte, so we 4429 // have to confine ourselves to working only backwards in the string. 4430 j = i; // Record where we got to 4431 // Now, back up until we find first non-continuation-char 4432 while (i>0 && (s[i-1] & 0xC0) == 0x80) i--; 4433 // Now s[i-1] is the first non-continuation-char 4434 // and (j-i) is the number of continuation-chars we found 4435 if (i>0 && (s[i-1] & 0xC0) == 0xC0) // If we found a start-char 4436 { 4437 i--; // Tentatively eliminate this start-char as well 4438 // Now (j-i) is the number of characters we're considering eliminating. 4439 // To be legal UTF-8, the start-char must contain (j-i) one-bits, 4440 // followed by a zero bit. If we shift it right by (7-(j-i)) bits 4441 // (with sign extension) then the result has to be 0xFE. 4442 // If this is right, then we reinstate the tentatively eliminated bytes. 4443 if (((j-i) < 7) && (((s[i] >> (7-(j-i))) & 0xFF) == 0xFE)) i = j; 4444 } 4445 } 4446 break; 4447 case 1: i = (unsigned char) *s++; break; // Pascal string 4448 case 2: { // DNS label-sequence name 4449 unsigned char *a = (unsigned char *)s; 4450 s = mDNS_VACB; // Adjust s to point to the start of the buffer, not the end 4451 if (*a == 0) *s++ = '.'; // Special case for root DNS name 4452 while (*a) 4453 { 4454 char buf[63*4+1]; 4455 if (*a > 63) 4456 { s += mDNS_snprintf(s, mDNS_VACB_Remain(s), "<<INVALID LABEL LENGTH %u>>", *a); break; } 4457 if (s + *a >= &mDNS_VACB[254]) 4458 { s += mDNS_snprintf(s, mDNS_VACB_Remain(s), "<<NAME TOO LONG>>"); break; } 4459 // Need to use ConvertDomainLabelToCString to do proper escaping here, 4460 // so it's clear what's a literal dot and what's a label separator 4461 ConvertDomainLabelToCString((domainlabel*)a, buf); 4462 s += mDNS_snprintf(s, mDNS_VACB_Remain(s), "%s.", buf); 4463 a += 1 + *a; 4464 } 4465 i = (mDNSu32)(s - mDNS_VACB); 4466 s = mDNS_VACB; // Reset s back to the start of the buffer 4467 break; 4468 } 4469 } 4470 // Make sure we don't truncate in the middle of a UTF-8 character (see similar comment below) 4471 if (F.havePrecision && i > F.precision) 4472 { i = F.precision; while (i>0 && (s[i] & 0xC0) == 0x80) i--;} 4473 break; 4474 4475 case 'H': { 4476 s = va_arg(arg, char *); 4477 hexdump = mDNStrue; 4478 } 4479 break; 4480 4481 case 'n': s = va_arg(arg, char *); 4482 if (F.hSize) *(short *) s = (short)nwritten; 4483 else if (F.lSize) *(long *) s = (long)nwritten; 4484 else *(int *) s = (int)nwritten; 4485 continue; 4486 4487 default: s = mDNS_VACB; 4488 i = mDNS_snprintf(mDNS_VACB, sizeof(mDNS_VACB), "<<UNKNOWN FORMAT CONVERSION CODE %%%c>>", c); 4489 /* FALLTHROUGH */ 4490 4491 case '%': *sbuffer++ = (char)c; 4492 if (++nwritten >= buflen) goto exit; 4493 break; 4494 } 4495 4496 if (i < F.fieldWidth && !F.leftJustify) // Pad on the left 4497 do { 4498 *sbuffer++ = ' '; 4499 if (++nwritten >= buflen) goto exit; 4500 } while (i < --F.fieldWidth); 4501 4502 if (hexdump) 4503 { 4504 char *dst = sbuffer; 4505 const char *const lim = &sbuffer[buflen - nwritten]; 4506 if (F.havePrecision) 4507 { 4508 for (i = 0; (i < F.precision) && (dst < lim); i++) 4509 { 4510 const unsigned int b = (unsigned int) *s++; 4511 if (i > 0) *dst++ = ' '; 4512 if (dst < lim) *dst++ = kHexDigitsLowercase[(b >> 4) & 0xF]; 4513 if (dst < lim) *dst++ = kHexDigitsLowercase[ b & 0xF]; 4514 } 4515 } 4516 i = (unsigned int)(dst - sbuffer); 4517 sbuffer = dst; 4518 } 4519 else 4520 { 4521 // Make sure we don't truncate in the middle of a UTF-8 character. 4522 // Note: s[i] is the first eliminated character; i.e. the next character *after* the last character of the 4523 // allowed output. If s[i] is a UTF-8 continuation character, then we've cut a unicode character in half, 4524 // so back up 'i' until s[i] is no longer a UTF-8 continuation character. (if the input was proprly 4525 // formed, s[i] will now be the UTF-8 start character of the multi-byte character we just eliminated). 4526 if (i > buflen - nwritten) 4527 { i = buflen - nwritten; while (i>0 && (s[i] & 0xC0) == 0x80) i--;} 4528 for (j=0; j<i; j++) *sbuffer++ = *s++; // Write the converted result 4529 } 4530 nwritten += i; 4531 if (nwritten >= buflen) goto exit; 4532 4533 for (; i < F.fieldWidth; i++) // Pad on the right 4534 { 4535 *sbuffer++ = ' '; 4536 if (++nwritten >= buflen) goto exit; 4537 } 4538 } 4539 } 4540 exit: 4541 *sbuffer++ = 0; 4542 return(nwritten); 4543 } 4544 4545 mDNSexport mDNSu32 mDNS_snprintf(char *sbuffer, mDNSu32 buflen, const char *fmt, ...) 4546 { 4547 mDNSu32 length; 4548 4549 va_list ptr; 4550 va_start(ptr,fmt); 4551 length = mDNS_vsnprintf(sbuffer, buflen, fmt, ptr); 4552 va_end(ptr); 4553 4554 return(length); 4555 } 4556